WTF is SSL or Secure Sockets Layer? [An Introduction]

by SachindraMay 9th, 2020

Too Long; Didn't Read

SSL stands for 'Secure Sockets Layer' It is a way to keep the communication between a client and server secure. It safeguards data that is transferred between the two machines. It prevents a hacker from reading or modifying any information that is being transferred, which might include personal information. It is one of the most widely used cryptographic protocol to provide security over internet communications. It provides a secure channel for the machines or devices to talk to each other. SSL certificates are categorized based on different validation levels. These offer the same level of encryption but the validation requirements are different.

Company Mentioned

featured image - WTF is SSL or Secure Sockets Layer? [An Introduction]

SSL stands for

Secure Sockets Layer

. It is a way to keep the communication between a client and server secure and hence it safeguards data that is transferred between the two machines. It prevents a hacker from reading or modifying any information that is being transferred, which might include personal information.

It is one of the most widely used cryptographic protocol to provide security over internet communications. Hence, it provides a secure channel for the machines or devices to talk to each other. This turns the website's address from

HTTP

HTTPS

HTTP

is insecure and is liable to eavesdropping attacks as the data that is getting transferred from client to the server is transmitted in plain text. Hence the hacker can easily interpret and view sensitive information.

SSL

ensures that this data is encrypted and is secure from interception.

Benefits of SSL certification:

Eliminates the risks of cyber attacks
Ensuring secure communication between client and server machines
Protects user sensitive information
Increases organisation's reputation online
Ranking benefits by Google to SSL enabled websites

What Are The Types of SSL certificates?

SSL certificates are categorized based on different validation levels. These offer the same level of encryption but the validation requirements are different.

Extended Validation (EV) certificates:

These require highest degree of vetting to obtain. These not only verify domain ownership but also require a significant amount of information from the organization. The issuance process is defined in the EV guidelines. This set of guidelines require that the entity has a legal and operational existence, its identity matches the records, it holds rights to use the domain, etc.

Organizational Validation (OV) certificates:

This require less stringent requirements to obtain. Here the

Certificate Authority (CA)

validates the domain and company ownership and also requires some additional information. It gives an enhanced legitimacy by adding company name to the URL address bar.

Domain Validation (DV) certificates:

This is the most popular certificates used and is the easiest and cheapest one to use. Here the CA validates the domain ownership but does not require any additional information. Despite this fact, all data is secure under this certificate also.