SSL Strengths and Weaknesses Revealed!

SSL, otherwise known as Secure Sockets Layer or Transport Layer Security (TLS), is a protocol that provides a secure channel of communication for two programs. This creates endpoints for communication called the “sockets” to affect connections. A bit of the process can be compared with TCP, but the encryption capabilities present in SSL are greater than TCP. Created by Netscape, the privacy of communication and data is ensured because the encryption technology is capable of verifying the identity of the parties involved in the communication. SSL is important in dealing with a complete server, which requires transmitting sensitive information on a web site. The encrypted connection is created between the web server and web browser, which forestall possible point of data tampering, identity theft, fraud, and eavesdropping.

To identify the security and privacy of communication, the SSL encryption is identified through the presence of padlock icon in web browsers or green-colored address bar. To enable SSL on websites, SSL certificates must be obtained by purchasing the same from certificate authority. Purchase of ssl certificates must be made only from trusted and reputable authority. Once the requirements are complied with, private and public keys may be used in decrypting message depending on the nature of keys used to encrypt a message. In any case, a public key encrypted message can only be decrypted using a public key or vice versa. The SSL certificate is issued with a public key.

The SSL Handshake will verify the genuineness of server’s certificate. If the certificate is authentic, encrypted application data can be sent. Basically, the foregoing discussion displays the advantages of SSL.

However, one of the disadvantages of SSL Certificate is that the flow of communication is slower than without SSL. The process of SSL handshake gives each communicator added works. The site performs slowly because nothing is cached. Reloading all images, style sheets, and scripts, will be done for each new page. This may be disadvantageous to both the server and client. However, the process is needed to allow visitors to come in and go. To lessen the effect, simpler web design will help a lot.

Another thing to consider is the study made by Ethical Hackers. They have already spoken and discovered that the use of SSL does not give a 100% privacy and security assurance. Based on their research, 30 per cent of SSL sites are unsecure.

Nevertheless, the use of SSL will build confidence among clients. It should be noted that clients, especially those availing of online payment method feel more secure to push through with their payment if they are guaranteed of nondisclosure of their personal and bank details.


Source by Oliver Macpherson