Find the best SSL Certificate prices for your website today!
3d Secure: is an XML-based protocol used as an added layer of security for online credit and debit card transactions. It was developed by Visa to improve the security of Internet payments and offered to customers as the Verified by Visa service. 3-D Secure adds another authentication step for online payments.
Application Protocol: an application protocol is a protocol that normally layers directly on top of the transport layer (e.g., TCP/IP). Examples include HTTP, TELNET, FTP, and SMTP.
Authentication: authentication is the ability of one entity to determine the identity of another entity.
Block Cipher: a block cipher is an algorithm that operates on plain text in groups of bits, called blocks. 64 bits is a typical block size.
Browser Recognition: the percentage of browsers that recognize a CA’s certificate.
Bulk Cipher: a symmetric encryption algorithm used to encrypt large quantities of data.
Certificate Authority (CA): a CA creates an SSL certificate. The companies wrap their key around your public key in a process called "digitally signing" the key or “digital signature”. GoDaddy is a Certificate Authority.
Certificate Authority Site Seal: the logo or banner that you install on your website from SSL certificate authority. It's one of the ways a visitor will recognize that your website has an SSL certificate. Read more about why CA site seals are important in this Network Solutions SSL Review.
Certification Practice Statement: CPS is a document published by the CA which outlines the practices and policies used by the organization in issuing, managing and revoking digital certificates.
Certification Revocation List: CRL is a digitally signed data file containing details of each digital certificate that has not been revoked. This can be downloaded and installed into the browser that the user will use, ensuring that the browser will not trust a revoked digital certificate.
Chain Certificate: a chained certificate is one where the signer was not a Root CA. In other words, the certificate the CA used to sign a request was signed by another CA. In this instance, a “chain” of signing certificates is required to verify trust. For example, let’s say you have a server certificate request and you give the request to company A. Company A is not a Root CA, but they have a signing certificate signed by company B. Company A signs your certificate. When a web browser attempts to verify the trust of your certificates, it must verify the trust of Company B and Company A. If company B ever decides that Company A is a no-good company that does not deserve to have a signing certificate, it can revoke the certificate, rendering Company B’s certificate un-trusted along with every certificate they signed (including yours).
Cipher Block Chaining (CBC): CBC is a mode in which every plaintext block encrypted with the block cipher is first exclusive-OR'ed with the previous cipher text block (or, in the case of the first block, with the initialization vector).
Cipher Strength: indicates how strong the encryption of a certificate is. The larger the cipher strength, the more difficult it is for hackers to un-encrypt communication. Most certificates have 128 bit cipher strength. It is important to note here that a higher cipher strength means the data is more secure, but the process of encrypting and decrypting messages between two trusted individuals requires computer processing power. The larger cipher strengths require much more processing power. If a 256 cipher strength were used on a web server that was very busy, the act of decrypting and encrypting communication might slow the server down enough to be unusable. Generally 128 bit is considered a good balance between security and speed.
Certificate: as part of the X.509 protocol (a.k.a. ISO Authentication framework), certificates are assigned by a trusted Certificate Authority and provide verification of a party's identity and may also supply its public key.
Certificate Signing Request (CSR): is generated with your Web server software, and contains both the public key portion of your Web server's key pair and the Distinguished Name (DN) of your Web server. Follow the instructions provided in your Web server's documentation to generate a CSR.
Client: the application entity that initiates a connection to a server.
Client Write Key: the key used to encrypt data written by the client.
Client Write MAC Secret: the secret data used to authenticate data written by the client.
Connection: is a transport (in the OSI layering model definition) that provides a suitable type of service. For SSL, such connections are peer to peer relationships. The connections are transient. Every connection is associated with one session.
Data Encryption Standard (DES): is a very widely used symmetric encryption algorithm. DES is a block cipher.
Digital Signature Standard (DSS): a standard for digital signing, including the Digital Signing Algorithm, approved by the National Institute of Standards and Technology, defined in NIST FIPS PUB 186, "Digital Signature Standard," published May, 1994 by the U.S. Dept. of Commerce.
Digital Signatures: digital signatures utilize public key cryptography and one-way hash functions to produce a signature of the data that can be authenticated, and is difficult to forge or repudiate.
Distinguished Name (DN): this is information about your organization and your webserver. It’s part of the Certificate Signing Request (CSR).The information is used to create your Web server certificate's Distinguished Name (DN).
Domain SSL Certificate: a digital SSL cert where the ownership of the domain is verified. This is the lowest level of SSL certification. Register.com has the best deal on domain SSL certs.
Extended Validation SSL Certificate (EV): this certificate offers a very high level of security. It requires identity assurance, and explicitly states that your identity as a reputable and viable business has been independently verified. This is the “turn your browser bar green” SSL. Extended Validation (EV) certificate is the highest level of validation. Get an EV Digital SSL cert if you’re a high traffic ecommerce site, or if you require the highest level of validation for competitive purposes. Get the best extended validation SSL certificate price here.
Free SSL Certificate Trial: some SSL cert companies will offer a free 30 day trial. See an example of a free SSL certificate trial.
Handshake: an initial negotiation between client and server that establishes the parameters of their transactions.
Initialization Vector (IV): when a block cipher is used in CBC mode, the initialization vector is exclusive-OR’ed with the first plaintext block prior to encryption.
Message Authentication Code (MAC): is a one-way hash computed from a message and some secret data. Its purpose is to detect if the message has been altered.
Master Secret: secure secret data used for generating encryption keys, MAC secrets, and IVs.
MD5: is a secure hashing function that converts an arbitrarily long data stream into a digest of fixed size.
One-way hash function: a one-way transformation that converts an arbitrary amount of data into a fixed-length hash. It is computation- ally hard to reverse the transformation or to find collisions. MD5 and SHA are examples of one-way hash functions.
Payment Gateway: enables internet merchants to accept online payments via credit card and e-check.
PCI Compliant: online businesses should follow strict security regulations on how to process credit and debit cards, install web application firewalls, and have the latest software to stop viruses, Trojans, worms, and hackers. Once a business becomes PCI compliant they are verified as meeting a strict code of security protection.
PKI certificate: which stands for Public Key Infrastructure certificate, allows someone to combine their digital signature with a public key and something that identifies them, an example being their real life name. This certificate is used to allow computer users to show that they do own the public keys they claim to.
Private SSL: a SSL certificate that you purchase just for your website use is a private SSL. Your secure URL will look something like https://secure.yourdomain.com.
Public key cryptography: a class of cryptographic techniques employing two-key ciphers. Messages encrypted with the public key can only be decrypted with the associated private key. Conversely, messages signed with the private key can be verified with the public key.
Public Key Infrastructure: PKI combines a digital signature with a public key to identify someone. It is simply a certificate that allows computer users to show that they do own the public keys they claim to. A digital signature is needed for the PKI certificate before this is issued for any particular person or company. The signature can be made by an authority figure who assigns the certificate and the person whose identity is being confirmed. PKI certificates are used to authenticate cryptographic public keys. This certificate allows other people to verify that they are indeed communicating with the right person who is using the right public key.
SSL Reseller: a company that is not a certificate authority, but still sells SSL certificates is called a SSL reseller. Dotster is an example. Dotster sells GeoTrust and Verisign SSL certs.
RC2, RC4: proprietary bulk ciphers from RSA Data Security, Inc. (There is no good reference to these as they are unpublished works; however, see [RSADSI]). RC2 is block cipher and RC4 is a stream cipher.
RSA: a very widely used public-key algorithm that can be used for either encryption or digital signing.Salt:Non-secret random data used to make export encryption keys resist precomputation attacks.
Server: is the application entity that responds to requests for connections from clients. The server is passive, waiting for requests from clients.
Server Gate Cryptography: This provides for additional bits more than the standard 40 bit encryption required. Having more of this means a longer key is used, which results to the prevention of a 3rd party from breaking through.
Session: a SSL session is an association between a client and a server. Sessions are created by the handshake protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection.
Session Identifier: is a value generated by a server that identifies a particular session.
Server Write Key: the key used to encrypt data written by the server.
Server Write MAC Secret: the secret data used to authenticate data written by the server.
SGC SSL Certificate: there is an added layer of security – on top of what is provided in the standard SSL certificate – when you go with an SGC certificate. You end up with 128 or 256 bit encryption, rather than the standard 40 bit encryption. Having more bits means that there is a longer key, and therefore it's more difficult for third parties to break through.
SHA: the Secure Hash Algorithm (SHA) is defined in FIPS PUB 180-1. It produces a 20-byte output [SHA].
SHA1: is a cryptographic hash function designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses.
Shared SSL: shared SSL means using, or sharing, your web hosting company's SSL certificate. Your secure URL with shared ssl uses your host's domain (e.g., https://secure.yourhost.com/~yourbusinessname).
SSL Acceleration: is a method of offloading the processor-intensive public key encryption algorithms involved in SSL transactions to a hardware accelerator. Typically, this is a separate card that plugs into a PCI slot in a computer that contains one or more co-processors able to handle much of the SSL processing.
SSL Proxy: if you want to anonymously browse and unblock sites as Facebook, Spotify, Twitter, youtube, bebo, myspace, ebay, and other sites, while you're a work or another location that blocks websites then you can use a ssl proxy server. SSL web proxy 's uses data encryption to help ensure that the data you transmit and receive through a SSL proxy is private and secure.
SSL VPN: (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. In contrast to the traditional Internet Protocol Security (IPsec) VPN, an SSL VPN does not require the installation of specialized client software on the end user's computer. It's used to give remote users with access to Web applications, client/server applications and internal network connections.
Standard SSL Certificate: this certificate is fairly limited, providing protection to only one domain name. If you have more than one domain, or a sub-domain, this certificate is not going to cut it, since you would have to obtain an SSL certificate for each. However, this is very commonly used, and just about all of the browsers recognize the standard SSL certificate. Get the best price on a standard SSL Certificate here.
Stream Cipher: an encryption algorithm that converts a key into a cryptographically-strong key stream, which is then exclusive-OR’ed with the plaintext.
Stunnel: a GNU program allowing to encrypt arbitrary TCP connections inside Secure Sockets Layer (SSL).
Transport Layer Security: or TLS, in common use it's a method of combining the advantages of public-key cryptography, external third-party (out-of-band) validation, and per-session encryption.
Unlimited Server License: means that one SSL certificate can be used on multiple servers. GoDaddy's SSL Certs come with an unlimited server license.
Find a SSL Certificate for your website. Click on the link corresponding to the type of cert you need to find a Certificate Authority to buy your SSL Certificate from: Domain verification SSL Certs; Standard SSL Certs; Wildcard Certificate; and Extended Validation SSL.