What is SSL (Secure Sockets Layer)? How does it work ?

All of the information of the Internet is basically transferred from one location to another location in a language called HTTP. HTTP stands for hypertext Transfer Protocol. Now HTTP by itself is unprotected, so a technology called SSL or secure Sockets Layer was developed to protect the information traveling on the internet. When HTTP is being projected by SSL, it inherits the letter S which means its secure SSL.

SSL keeps your information secure in two separate ways the first is by encrypting your data let’s say that you want a coffee shop using Wi-Fi and you’re hit with an urge to buy something online without SSL and HTTPS when you enter your credit card information this information can be stolen because you’re on a public Wi-Fi connection and anybody using that Wi-Fi could be listening to your transaction without encryption the information is transmitted as text that anyone can read. The way that SSL and HTTPS encryption works is by scrambling this information so that the only people who can read it are those with the correct decryption key and not those DBS cipher ninjas.

The second way that SSL HTTPS keeps you safe is by identification .you are probably aware that there are sites that fish for your information. That’s when you get set an email that asks you to click here to go to your bank account and when you click the link it takes you to a site that looks exactly like your bank but it’s not your bank. it’s a fake. As a few word, it is very important to know if a website actually is what it says. It is an SSL, that gives us this tool. Let’s say you accidentally followed one of these phishing links and it takes you to Amazon.com, you decide that you’re finally going to buy a book that you’ve been eyeing for a couple of days now and you navigate to a page where you enter your personal info. At this point your browser will want to protect you so it’s going to try to encrypt this information it will ask amazon.com for something called a certificate.

A certificate is simply a way of validating that a site really is what it says it is. A legitimate company website would send their company info to a registered certification authority where the info will be verified and a certificate that’s signed by the certificate authorities will be created and stored. So your browser will check the certificate given by Amazon with all the certificates at all the different certificate authorities to see if one matches. If the certificate doesn’t match any signed certificates or if the certificate is expired or if the certificate has been issued by an unknown Authority an alert will pop up in your browser informing you what is wrong with the site certificate and cautioning you against submitting your information. That’s how HTTPS and SSL work together to keep you safe encryption and identification.

Write your comment