Secure Sockets Layer (SSL)

SSL (Secure Sockets Layer) is a protocol that encrypts data traveling over a network. Its main use is to provide secure access to web sites and email servers. A web or email server that offers an SSL connection presents a public certificate to the web browser or email client; data in this certificate is used to encrypt the subsequent communications, and also serves as proof that the server is in fact who it claims to be.

Secure web browsing with SSL
You can be quite confident that data transmitted back and forth between your browser and a web site is encrypted if the URL of the page you're viewing starts with "https" and if the "closed lock" icon in your browser appears. Note that some poorly-designed sites offer an insecure login page that leads to an encrypted page; in this case, the login info will go across the network in the clear!

Occasionally your browser will warn that parts of the page you are viewing are part of a secure connection while other parts are not. If you see this, message, use caution if submitting sensitive information.

Your browser will also warn you if the server's public SSL certificate does not match the web site you're viewing, if the certificate has expired, or if the certificate has not been validated by an official Certificate Authority. The browser should give you the option to examine the certificate more closely to decide whether you want to proceed.

Secure email via SSL
It's also important to ensure that your username and password are not passed in clear text when accessing your email remotely. Virtually all modern mail clients offer the option to use SSL when making a POP or IMAP connection to a mail server. Instructions for enabling SSL for a variety of mail clients can be found here.

Updated: Wed Nov 9 10:43:14 MST 2005