What are SSL and Digital Certificates?
Secure Socket Layer (SSL) is a protocol developed by Netscape in 1996 which quickly became the method of choice for securing data transmissions across the Internet. SSL is an integral part of most web browsers and web servers and makes use of the public-and-private key encryption system developed by RSA.

In order to make an SSL connection, the SSL protocol requires that a server should have a digital certificate installed. A digital certificate is an electronic file that uniquely identifies individuals and servers. Digital certificates serve as a kind of digital passport or credential which authenticate the server prior to the SSL session being established.

Typically, digital certificates are signed by an independent and trusted third party to ensure their validity. The “signer” of a certificate is known as a Certification Authority (CA), such as thawte.

About thawte
thawte, the Certification Authority chosen by hundreds of thousands, has been innovating and delivering trusted services for more than a decade.

They enable businesses and individuals to communicate and transact securely by verifying and authenticating their identities, thus allowing them to gain the trust and confidence of millions of users. Their digital certificates are used globally to secure servers, encrypt files and communication, and validate the authenticity of applications and digital code.

Through their dedication to maintaining your security they are helping to build a trusted digital future for everyone.

When should SSL be used and what can it secure?
There are two main online security problems that digital certificates solve:

• Authentication – proving a company's (or server's) identity online and in so doing create a sense of trust and confidence in using a website.
  
• Encryption - offering protection for the data submitted to a website (or between servers) so that in the event of interception, it will be unintelligible without the unique key used for decryption.

Solving these security problems allows online business to protect against the following scenarios:

• Spoofing - The low cost of website design and ease with which existing pages can be copied makes it all too easy to create illegitimate sites that appear to be published by established organizations. In fact, con artists have illegally obtained credit card numbers by setting up professional-looking storefronts that mimic legitimate businesses.
  
• Unauthorized Disclosure – when information is transmitted "in the clear", making it possible for hackers to intercept the transmissions and obtain sensitive information from customers.
  
• Data alteration - the content of a transaction can be intercepted and altered en route, either maliciously or accidentally. User names, credit card and social security numbers as well as currency amounts, indeed any information sent "in the clear" is all vulnerable to alteration.

So what are the practical applications of digital certificates?
Firstly, looking at categories of data, the most common deployment is for securing transmission of financial information in ecommerce. However, with incidence of identity theft on the rise, protecting the transmission of a broad range of personally identifiable information is becoming ever more important. This category of data would include identity and social security numbers, e-mail addresses and demographic information as well as registration and login processes.

In terms of applications and protocols, thawte SSL certificates can be used to secure the following:

• Web Servers
• Mail Servers
• Databases
• FTP Sites
• Internet Chat
• NNTP

SSL123 Certificates
SSL123 is thawte's entry level certificate which provides validation that your domain is registered and that you have authorized the purchase of the certificate. Through SSL encryption, the certificate assures that information is kept private between your web server and your clients' web browsers.

Certificate Features and Benefits:

• Capable of delivering up to 256-bit encryption.
• Browser compatibility highest in the industry.
• Certificate details include domain name only.
• Outstanding global customer support in 25 languages
• thawte Trusted Site Seal included (available in 18 languages)
• Free reissues for the lifespan of the certificate
• Free, 24/5 multi-lingual technical support for all time zones.
• Secures Internationalized Domain Names
• Issued within minutes for domains that are registered with an accredited online registrar.
• Certification Revocation List fully supported.
• Online Certificate Status Protocol fully supported.

SSL Web Server Certificates
The thawte SSL Web Server Certificate offers comprehensive stringent authentication procedures (domain name and identity verification). It also offers 256, 128, 56 or 40-bit encryption depending on your client's browser capability and the cipher suite installed on your web server. This ensures that information is kept private while in transit between your web server and your clients' web browsers.

Certificate Features and Benefits:

• Capable of delivering up to 256-bit encryption.
• Browser compatibility highest in the industry.
• Certificate details include domain name and organization name.
• Outstanding global customer support in 25 languages
• thawte Trusted Site Seal Included (available in 18 languages)
• Free reissues for the lifespan of the certificate
• Free, 24/5 multi-lingual technical support for all time zones.
• Secures Internationalized Domain Names
• Certification Revocation List fully supported.
• Online Certificate Status Protocol fully supported.

SGC SuperCerts
The SGC SuperCert is thawte's strongest encryption certificate. It automatically steps up protection to a minimum of 128-bit encryption even if your customers use older browsers (IE 4.X or Netscape 4.06 and later) which have limited 40-bit or 56-bit encryption capabilities. 256-bit encryption can be enabled if your client's browser capability and the cipher suite installed on your web server are both 256-bit compatible.

thawte's SGC SuperCert delivers the best security for both the vendor and the user. Recent studies conducted by the Yankee Group showed that SGC-enabled certificates do deliver as described, thereby providing increased security for tens of millions of PC users if all e-commerce vendors were to use SGC-enabled certificates.

Certificate Features and Benefits:

• Capable of delivering up to 256-bit encryption with lowest possible encryption level of 128-bit protection for 99.9% of users even with older browsers.
• Browser compatibility highest in the industry.
• Certificate details include domain name and organization name.
• Outstanding global customer support in 25 languages
• thawte Trusted Site Seal Included (available in 18 languages)
• Free reissues for the lifespan of the certificate
• Free, 24/5 multi-lingual technical support for all time zones.
• Secures Internationalized Domain Names
• Certification Revocation List fully supported.
• Online Certificate Status Protocol fully supported.

SSL Web Server Wildcard Certificates
thawte's wildcard certificates offer enterprises a convenient and cost-effective option for managing multiple second level domains that are hosted on the same physical server. Like a typical SSL with full authentication thawte wildcards are capable of delivering up to 256-bit encryption, but unlike other SSL certificates that are only valid for a domain, the wildcard covers *.yourdomain.com thereby securing any number of second level domains, provided that these are hosted on the same server.

Certificate Features and Benefits:

• Capable of delivering up to 256-bit encryption.
• Capable of securing unlimited second level sub-domains.
• Browser compatibility highest in the industry.
• Certificate details include domain name and organization name.
• Outstanding global customer support in 25 languages
• thawte Trusted Site Seal Included (available in 18 languages)
• Free reissues for the lifespan of the certificate
• Free, 24/5 multi-lingual technical support for all time zones.
• Secures Internationalized Domain Names
• Certification Revocation List fully supported.
• Online Certificate Status Protocol fully supported.

Code Signing Certificates
A thawte Code Signing Certificate is strongly recommended for any publisher who plans to distribute code or content over the Internet or corporate extranets and needs to assure the integrity and authorship of that code.

Certificate Features and Benefits:

• Uses a single certificate for most platforms and applications - this is unique to thawte
• Allows you to sign active content such as ActiveX, Macros, MIDlet (J2ME) and Java Applets for secure electronic distribution over the Internet. This authenticated digital signature effectively verifies the source of your software before it is downloaded
• Outstanding global customer support in 25 languages
• Ensures that your active content or code cannot be maliciously modified
• Gives your users recourse to the person who published it
• Promotes the Internet as a secure and viable platform for content distribution
• Inspires user confidence
• CRL: Yes, Certificate Revocation List fully supported
• Has the benefit of Online Certificate Status Protocol

thawte Trusted Site Seal
Taking the proactive step of deploying digital certificates to secure a website sends a message to its users that their security is being taken seriously.

This is best communicated through the use of a thawte Trusted Site Seal – a dynamic image which provides visible proof of a website’s trusted status, and that users may transact safely and securely. Site seals should be positioned on homepages as well as secure pages within sites.

Features and Benefits:

• FREE with thawte SSL123, SSL Web Server and SGC SuperCerts
• Is a dynamic image with a direct link to the certificate server for verification
• Tells customers that they can trust online transactions conducted with you
• Provides a direct link to the Consumer Awareness Program – allowing your customers to understand the full value of your thawte certificate
• Is available in 18 languages : Brazilian, Croatian, Dutch, Danish, English, French, Finnish, German, Italian, Icelandic, Korean, Japanese, Norwegian, Portuguese, Swedish, Polish, Spanish and Slovenian
• Comes in 3 various sizes to suit your website
• Can be displayed on multiple secure pages
• Is simple to install

Internationalized Domain Names
thawte now provides SSL certificates to customers who use Internationalized Domain Names – the first and only Certification Authority to offer this. Internationalized Domain Names (IDNs) provide a convenient mechanism for users to access websites in their preferred language.

thawte's systems are now able to recognize and issue certificates that contain local language characters in all certificate fields.

What this means is that you can now buy an SSL123 Certificate, an SSL Web Server Certificate or an SGC SuperCert to secure the website you have hosted on an Internationalized Domain Name.

Not only will your secured Internationalized Domain content be reflected in the certificate details, but your thawte Trusted Site Seal will also reflect your local language content. thawte systems are also fully internationalized across all SSL certificate product line details including Code Signing Certificate enrolments.