I'm unclear as to exactly what this means and how it works. I found someone's website recently, they guaranteed it was secure, and listed what companies "covered" the security. I sent an email to them and, unlike all of my other sent correspondence to other people and websites, there was no acknowkedgement in my "Sent" folder. Why? The website flashed a message to the effect of "Thank you for writing to me." after I clicked "Submit." Please explain ALL OF THIS. I'm confused. Thanks y'all!
2007-07-21 14:37:32 · 3 answers · asked by Anonymous in Computers & Internet ➔ Internet ➔ Other - Internet
For a sure web site look for the https, not http, at the beginning of the URL.
https is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP. This system was designed by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the World Wide Web for security-sensitive communication such as payment transactions and corporate logons.
Strictly speaking, https is not a separate protocol, but refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. This ensures reasonable protection from eavesdroppers and man-in-the-middle attacks.
An https: URL may specify a TCP port; if it does not, the connection uses port 443 (for unsecured HTTP, it uses 80).
To prepare a web-server for accepting https connections the administrator must create a public key certificate for the web-server. These certificates can be created for Unix based servers with tools such as OpenSSL's ssl-ca [1] or SuSE's gensslcert. This certificate must be signed by a certificate authority of one form or another, who certifies that the certificate holder is who they say they are. Web browsers are generally distributed with the signing certificates of major certificate authorities, so that they can verify certificates signed by them.
Organizations may also run their own certificate authority, particularly if they are responsible for setting up browsers to access their own sites (for example, sites on a company intranet), as they can trivially add their own signing certificate to those shipped with the browser.
Some sites, especially those operated by hobbyists, use self-signed certificates on public sites. Using these provides protection against simple eavesdropping, but unlike a well-known certificate, preventing a man-in-the-middle attack with a self-signed certificate requires the site to make available some other secure method of verifying the certificate. For example, a site may publish a telephone number over which visitors may verify the checksum.
The system can also be used for client authentication, in order to restrict access to a Web server to only authorized users. For this, typically the site administrator creates certificates for each user which are loaded into their browser. These normally contain the name and e-mail address of the authorized user, and are automatically checked by the server on each reconnect to verify the user's identity, potentially without ever entering a password.
If you sent someone a message using a form on their web site you will not get acknowledgment in your "Sent" folder. The mail is sent by the form by what is called a post which submits the form to their agent for processing (e.g., to a Web server, to their mail server).
2007-07-21 14:46:12 · answer #1 · answered by Robert S 6 · 0⤊ 0⤋
Secure websites are sites in which information sent from your computer to the website server and vice-a-versa is encrypted. Encryption is the process whereby the data is scramble so that it is unintelligible to anyone who might intercept it. The data is only readable to intended recipient. People have already mentioned how you can tell if a site is secure. Usually, on the address bar, you will see a padlock icon and the address will read https://www... instead of the regular http://www.... The strength of the encryption is usually stated as 128 bit or 256 bit encryption, the higher the number the more secure. As for why your e-mail did not appear in your "sent" folder, I don't have an answer. As for the website response, the website owner probably included a small program on his website to automatically reply to messages sent to him/her.
2007-07-21 14:58:54 · answer #2 · answered by What the...?!? 6 · 0⤊ 0⤋
You'll notice when you enter into a secure website there a padlock looking symbol in the address bar right before the website address.
2007-07-21 14:41:23 · answer #3 · answered by My Friend 2 · 0⤊ 0⤋