SSL - Secure Socket Layer (Stronghold)
The SSL Protocol is designed to provide privacy between two communicating applications (a client and a server). Second, the protocol is designed to authenticate the server, and optionally the client. SSL requires a reliable transport protocol (e.g. TCP) for data transmission and reception.
The advantage of the SSL Protocol is that it is application protocol independent. A "higher level" application protocol (e.g. HTTP, FTP, TELNET, etc.) can layer on top of the SSL Protocol transparently. The SSL Protocol can negotiate an encryption algorithm and session key as well as authenticate a server before the application protocol transmits or receives its first byte of data. All of the application protocol data is transmitted encrypted, ensuring privacy.
- Is it safe to shop on the Internet?
- Are Internet banking and investment transactions safe?
- How encryption keeps you safe.
- Eleven easy ways to protect yourself
- Get your own digital certificate.
Is It Safe to Shop on the Internet?
When you shop on the Internet, you have the same concerns as you do when you use a catalog to shop over the telephone.
- Impersonation: Is the business that is taking my order authentic?
- Eavesdropping: Could someone "listen in" to my order and steal my credit card number?
In the real world, you often give your credit card to cashiers or waiters, and you give out your account number over the phone when placing an order. Using your credit card number on the Internet is no more dangerous than these practices. In fact, it is often more secure to give out your account number over the Internet, because many sites work with your browser software to encode your transaction so if outside parties intercept it, they won't be able to read it.
Netscape products counter security threats with a technology called SSL (Secure Sockets Layer). SSL is a set of rules followed by computers connected to the Internet. These rules include encryption, which guards against eavesdropping; data integrity, which assures that your communications aren't tampered with during transmission; and authentication, which verifies that the party actually receiving your communication is who it claims to be.
To check a site's security status, look at the site's URL in your browser window. An "s" added to the familiar "http" (to make "https") indicates that SSL is in effect. In Netscape Navigator 3.0 and earlier, the broken key symbol in the lower-left corner of your browser window becomes solid when you are in secure mode. In Netscape Communicator 4.0 and 4.5, the padlock symbol in the corner, usually open, is closed in secure mode. In Internet Explorer 4.0, a closed padlock appears when you are in secure mode.
If you're about to send information to a site that's not using SSL, your browser will warn you first.
SSL protects your communications during transmission. However, you must also protect yourself by dealing only with Internet companies you are certain you can trust, just as you deal only with merchants who won't share your credit card numbers with others.
The Federal Trade Commission is increasing its surveillance of Internet fraud, and the National Consumers League has created the Internet Fraud Watch, an online service for reporting frauds.
Are Internet Banking and Investment Transactions Safe?
Online banking and investment services, and your browser, also rely on encryption to protect the information in your transactions. Before your computer transmits your information to an online financial service, the information is encrypted - turned into code. When the information reaches its destination, it is decoded. Anyone who intercepts the information during transmission receives only gibberish. Online financial services also encrypt all information they transmit back to you.
The "Suspicious Internet Banking" Web Site
To help detect potentially fraudulent Internet banking activity, and to report any suspicious online activity you may encounter, go to the Suspicious Internet Bankingweb site.
Learn more regarding safe online shopping and banking:
- How encryption works
- Eleven easy ways to protect yourself
- Get your own digital certificate
As the most popular commercial secure Unix Web server currently available, Stronghold can claim many firsts. Standards compliance, interoperability, certification and client authentication, modular architecture, cipher support, and ongoing development are just some of the reasons why Stronghold can claim to lead the field where others follow.
First for Security
Stronghold was the first commercial Web server to support full-strength (128 bit) encryption in all versions world-wide. If you buy a secure server developed inside the USA you will get a crippled version that supports only 40-, 56-, or 64-bit keys. A panel of cryptographic experts including the inventor of public key cryptography gave a report in February 1998 that said a minimum of 90 bits was necessary to thwart advances in hacking techniques for the next 20 years.
To meet world-wide demand, Stronghold is developed outside the USA. Our international office can sell full-strength, uncrippled cryptography without being subject to US restrictions on export of encryption. Our US office sells only full-strength crypto, restricting sales to US/Canadian customers to comply with US export restrictions.
First in Standards Compliance
Stronghold is the most up-to-date and secure commercially available Apache-based server on the market today. Many companies talk about standards compliance, but C2Net delivers. Stronghold, for example, was the first commercially available server to support HTTP/1.1.
As well as being first at supporting SSL and SSL3, the popular protocols that provide communications privacy over the Web, Stronghold was the first to support TLS (Transport Layer Security&), a new protocol that industry experts expect to gain in popularity in the coming years. Whatever version of Stronghold you use, you can be sure that your server will meet current and future requirements for a long time to come.
First when it comes to speed
Those customers who have a very high volume of secure traffic may want to maximise their server's capacity by adding hardware acceleration. Stronghold was the first server supporting hardware acceleration to provide such customers with a solution. Since its introduction, Stronghold has supported the nCipher hardware cryptographic accelerator providing a high-performance scalable e-commerce platform for those who expect very high volumes of business.
Putting development first
The people behind C2Net have always been involved in Apache, and part of company philosophy is to support free software. C2Net has committed itself to Apache as part of its long-term commitment to free software. C2Net contributes exactly what the Apache Group needs: direct time and developer resources. At the same time, C2Net produces the well-known publication Apache Week. Apache Week publishes a new issue each week containing the latest news, tips, and features about the Apache server.
Virtual Hosts
Stronghold can support as many virtual hosts on a server as your platform can handle. Once Stronghold is installed, as many virtual hosts can be run as desired with just the one license. This enables you to keep your software costs to the minimum while still taking advantage of up-to-date, secure, strong 128-bit encryption technology.