SSL - What is it?

Can somebody explain exactly what SSL is and what the point of having a security certificate would be?

Also, is it true that https:// sites are harder for schools / job networks to block?

 

Secure Sockets Layer such as VeriSign is a big name. To make your site more secure for things such as shopping carts or transferring sensitive data like credit card numbers. I would say no.. schools block whatever they want any schmo can buy a cheap ssl and the school would still block their site.

justin

 

yes and no, proxies are dime a dozen and as such blocking via proxy is harder. However the data being transmitted via SSL is encrypted.
Any site can issue a SSL cert, but the trick is to get it verified and signed by a reputable third party.

 

So thenetninja are you saying that it's harder to block them on https?

When my internet was taken away at school I could go to certain sites using https

 

keep in mind 'some' places block addresses, and 'some' places content. A school or work blocking content will have a far harder time blocking through SSL as the data is encoded from the webserver all the way to your browser. (Hence why you only purchase with a CC through SSL, it reduces the risk quite significantly of eavesdropping on the transmission).

Places which block addresses, can be circumvented (again) through a proxy. Keep in mind 'most' of these proxies are not SSL capable so your transactions between your browser and the proxy are NOT secure. (And arguably, your connection from the proxy to destination server are not secure either).

 

How would I get a valid SSL certificate?

 

various companies will 'sign' an SSL certificate, but the cheapest place I have found so far is GoDaddy (Do a search for GoDaddy coupons ) and you can get one for $14 for a year

 

Just to clarify the point here, SSL certificates are something a website has, not something a user of the website has. This means that getting one is not useful for you unless you run your own website.

 

I do run my own websites. Do they just give them to you if you buy them or do you have to apply for them and get approved or what?

 

There are varying levels of SSL certificates:

The cheap ones will just be automatically approved and do the job of encrypting between the server and client well.

The most expensive ones will do identity verification to confirm that you're a valid person / company, and will then issue the certificate. The certificate from each provider does the same thing, the most expensive verified certificate is just an assurance to your customer, that you are who you say you are.