SSL on

SSL is the abbreviation for Secure Sockets Layer. Developed by the companies Netscape and RSA Data Security, the SSL protocol is intended to ensure that sensitive data is transmitted encrypted when surfing the Internet, for example credit card information during online shopping.

This is to prevent third-party users from reading or manipulating the data during transmission. In addition, this encryption process ensures the identity of a website. Most browsers, such as Netscape Navigator or Microsoft Internet Explorer, support SSL encryption.

The SSL protocol is triggered when the letter "s" (for "secure") is attached to the well-known HTTP. Whenever such an HTTPS page is accessed, the used browser checks whether the web page provider is using a valid SSL certificate. If this is not the case, the browser issues a warning message and asks the user if he wants to continue. The reason for this is that the certificate used is either unknown or has expired. One should therefore carefully consider whether one can trust the visited website. The operation of SSL encryption is as follows: If you type "https" at the beginning of the desired Internet address, the Internet browser requests a certificate from the addressed server. In order for the certificate to be returned, the server must receive its certificate from a certification authority. Then he sends it back to the browser so he can check it. For this purpose, he receives information about the validity of the requested certificate from the directory service of the certification authority. Using this data, the browser is now able to check whether it is actually connected to the corresponding server. Upon successful verification, the browser signals a secure connection to the user. Most browsers use a small closed padlock, which can be seen in the address bar itself or at the lower right margin in the browser window.

For a valid SSL certificate, the computers now communicate via a symmetric key, which can pass in the secure asymmetric encryption. To enhance this security, the browser sends some test messages before the start of the actual data transfer, which can only be answered by the server if it is actually the server that it pretends to be.

The big advantage of SSL protocols is the independence between applications and systems. It is guaranteed by the ability to implement higher protocols based on the SSL protocol. However, SSL-encrypted transfers are very compute-intensive and can therefore lead to a slow-down in the connection setup on the server side. Depending on the algorithm used by the browser for encryption, it takes little computing power.

A well functioning SSL encryption is characterized by the fact that the data sent is absolutely secure. The content of sent messages is only encrypted via the network. In addition, effective algorithms check the data for their completeness and status before they arrive at the recipient. SSL is now the standard for browser encryption. In addition, there are still other methods to protect data on the Internet from the unauthorized access of third parties, such as TLS ("Transport Layer Security"). TLS is the successor to SSL 3.0 and is often referred to as SSL 3.1. It extends the possibilities of encryption by the "Advanced Encryption Standard" (AES). TLS uses the complex Triple-DES ("Data Encryption Standard" or "Data Encryption Standard") and other algorithms as the basis for its encryption. This also supports the encryption of emails and also serves as a proof of identity for commercial transactions via the Internet.