In the time of ubiquitous digitalization, where teenagers permanently use Facebook or YouTube. The subject of security and privacy is being raised more and more frequently.
Is the situation when our browsers persistently record any activity on the web. Can we talk about privacy?
I would not like to analyze, in terms of this entry, whether it is a good or bad situation. Probably there would be a lot of pluses and disadvantages to the development of our digital world.
We have #TechnoMonday so let’s focus on the technical aspect of guaranteeing our security and confidentiality in the digital world.
Logs encrypting connections are known not from today. The history of SSL certification, or Secure Socket Layer, dates back to 1994. When Nescape created this protocol for encrypted, secure electronic communication.
In the initial phase, this protocol was used in electronic banking and other confidential IT systems. Such as auction systems.
Is it worth using SSL?
A few years ago, I would say that it is a very cautious foresight. Web technologies were less relational to the user. The website was more informative.
At the present time, using a website, or rather a web application, we can arrange appointments to the doctor, handle official matters and make transfers, and buy products or services.
Our browser knows what we like, what content is right for us, matching the browser window to our predispositions and needs.
If you are a conscious Internet user, a creator who cares about the information security of the content recipients of your website. I think that providing your own website with a secure protocol is not a whim but a necessity.
If your site downloads any data, even the date of the last visit to the site using a small cookie. It would be good to encrypt the connection on the user’s server path.
Well, we already know that you care for the safety of your readers or future readers. Maybe you do not have your internet publication yet, so I strongly encourage you to create it from this place.
Let’s go back to the protocol itself, because here we have several types. Let’s discuss them one by one.
DV class (Domain Validation) certificate
As you can already visualize the domain is certified, and the encryption covers the scope of this domain. The certificate is issued based on verification that the CSR (Certificate Signing Request) contains the same subscriber data as in the WHOIS database for the domain whose certification applies.
Just remember that this type of certification does not verify the organization’s data, which is not very suitable as a security for advanced transaction systems.
The next level of certification is an OV class certificate (Organization Validation)
This type of certificate guarantees encryption of the transmission of the opera for the validation of the domain through company data. Typically, this type of certification takes longer, but the security guarantee is based on the full data of the person applying for the certificate.
One could assume that perhaps the encryption itself proceeds in a manner analogous to the previous certificate method. The difference is in the way the guarantor of the owner of the secured domain checks it.
This gives us greater confidence in the content provider in such a secure domain. Of course, the complexity of this method translates accordingly in the cost of certification.
Green Contractor ie Certificate of EV class (Extended Validation)
The green address bar in the browser window and released https: // is the Extended class certificate. It testifies to the complex verification process a two-step verification of the domain through the contractor’s data as well as telephone or personal contact of the certificate guarantor with the certificate buyer. It is to be the guarantee of the largest guaranteed security guarantee.
In addition, the certifications in this version have much greater encryption strength. The encryption key can be between 40 bits and 256 bits long. Depending on the capabilities of the client server that uses this key.
This is one of the more expensive certification methods for this on a larger scale is used by large corporations and banks.
Google also liked SSL
Google also sees the benefit of domain certification and has therefore begun favoring certified domains. Therefore, I also think that for this pragmatic reason, one should bow to the side of these protocols.
I would not like to go into more details and the intricacies of this topic. I hope that this article dispelled some of the ambiguities associated with the magic “s” at “http:” ?
It’s true that rafalwielgus.eu maybe I did not secure the most reliable key, but you see, I try to make it as safe as possible when reading these words.
If you liked the article or you have any comments, leave yourself in the comment.
I want to give you always the most values