There are many different types of SSL certificates based on the number of domain names or subdomains owned, such as:. Any individual or organization that uses their website to require, receive, process, collect, store, or display confidential or sensitive information. Some examples of this information are:.
Probably the most important part of an SSL certificate is where it comes from. SSL certificates are issued by Certificate Authorities CAs , organizations that are trusted to verify the identity and legitimacy of any entity requesting a certificate. You may also be able to purchase digital certificates from a domain name registrar or website hosting provider.
What is SSL? Accessed Feb. But how can the recipient be assured that this public key, or even one in a public directory, really belongs to the person which it indicates? Could not an intruder masquerade in the computer network as a legitimate user, literally sitting back and watching as others unwittingly send sensitive and secret documents to a false account created by the intruder?
The solution is the digital certificate, a kind of digital "passport" or "credential. The following figure presents a pictorial description of a digital certificate.
Every time someone sends a message, they attach their digital certificate. The recipient of the message first uses the digital certificate to verify that the author's public key is authentic, then uses that public key to verify the message itself. This way, only one public key, that of the certifying authority, has to be centrally stored or widely publicized, since then everyone else can simply transmit their public key and valid digital certificate with their messages.
Using digital certificates, an authentication chain can be established that corresponds to an organizational hierarchy, allowing for convenient public key registration and certification in a distributed environment. Once a user has a digital certificate, what do they do with it? Digital certificates have a wide variety of uses ranging from interoffice electronic mail to global electronic funds transfer EFT. In order to use digital certificates there must be a high degree of trust associated with the binding of a digital certificate to the user or organization linked with the digital certificate.
This trust is achieved by building hierarchies of digital certificates, with all members of this hierarchy adhering to the same set of policies. Digital certificates will only be issued to people or entities, as potential members of a hierarchy, once proof of identity has been established.
Different hierarchies may have different policies as to how identity is established and digital certificates are issued. Verisign operates numerous digital certificate hierarchies. The Commercial CA has a high degree of assurance as to the binding between the end user's digital certificate and the actual end user. Members of RSA's Commercial CA will have a high level of assurance, via adherence to the policies, as to who they are communicating with. This will not generally be the case when two end users, who are members of lower-assurance hierarchies, are communicating with digital certificates.
The VeriSign Trust Seal can be applied to any web site, whether or not the domain name is registered or hosted with us. If a customer configures the Trust Seal with an administrator contact designated as an individual rather than an organization, the administrator's address must be in the United States. To sell the VeriSign Trust Seal using the PurchaseServices command and the account balance, use the input parameters in the following table.
The VeriSign Trust Seal does not support our credit card processing.
0コメント