When you visit what is known as a Secure website, perhaps the only indication you notice is that the web address at the top of your browser has changed from http:// to https://. In the background, however, a series of exchanges take place to ensure that the website is legitimate and the communication between your computer and the Internet is secure.
Prior to the website initially being published, the site owner contacts a third-party Certificate Authority (CA) such as Verisign, Equifax, or one of dozens of other trusted sources, whose job is to ensure that, when your browser points to http://www.microsoft.com/, you really are viewing http://www.microsoft.com/. The website publisher registers with the CA, verifying its identity and the identity of the website. In return the CA issues to the website a unique digital certificate.
When you now visit a secure page on a website, that site sends to your computer its digital certificate. Your browser next contacts the Certificate Authority to verify that the certificate you received is valid for the website you're visiting. This happens automatically, and in most cases your browser simply displays the secure web page. However, if there is a problem with the digital certificate, the browser displays a warning message advising not to proceed to the website.
Certificate errors happen if the information contained within the certificate doesn¹t match the website you¹re visiting: for example, you're visiting http://www.verizon.net/, but the digital certificate was issued to http://www.verizon.com/; or, the certificate has expired (they must be periodically renewed by the website publisher); or, if the certificate has been tampered with. The certificate error displayed by the browser indicates the nature of the problem.
You may also receive a certificate error when visiting your secured internal office website. Typically, this happens because publishers of strictly internal websites don¹t register the site with a Certificate Authority; instead, they create their own digital certificates. When your browser visits this site, it receives a certificate which it is unable to verify via a third party, and you see a warning advising you not to proceed. In this one exception, if you are absolutely certain you are at the correct website, you may click to proceed past the certificate error.
Whenever you visit a website requesting personal information (social security numbers, credit card information, etc.) be absolutely certain the site is legitimate. Only go to sites that you know and trust. Make sure the link at the top of your browser shows https and not http (this indicates that the communication is encrypted). Finally, verify that your site is secure and has a good digital certificate - look for the image of the closed lock (at the top of the window in Internet Explorer 7 and at the bottom in earlier versions; in Internet Explorer 8, click on Safety from the top menu and select Security Report).
------------------------------------------------
No comments:
Post a Comment