Can someone explain SSL to me?


  1. Posts : 334
    7 home premium 64 bit
       #1

    Can someone explain SSL to me?


    What I understand: SSL Is used by many sites. Basically it is an encrypted connection between you and a website. When you go to a store like newegg it has SSL. You know you are connected via SSL when the web address has a https rather than a http.

    What i don't understand: Why don't we have it on all the time? They say that it is dangerous but they don't explain why. Why is it dangerous to be connected to HTTPS whenever it is available? After all we trust are finial info with it when we shop.

    I little bit of explaining would be nice. Thanks
      My Computer


  2. Posts : 1,449
    Windows 7 ultimate 64-bit
       #2

    Well; granted i am not a 100% expert on this topic; however; what i do know is that it has a lot do with the fact that i believe the only real reason we need ssl and https is like you mentioned; for doing financial transactions online and shopping online and the like. The reason its not on all the time i believe is realistically because the other times when you are just surfing a site say with like news; well that really doesnt need to have a secure connection for its use because its not private or secure information. Its just a news site. In short; really the only time you really need a secure connection is for like email, doing financial transactions, and the like. There are probably better explanations than mine which you can find probably on google.
      My Computer


  3. NoN
    Posts : 4,166
    Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
       #3

    In Addition you can find here some infos about which SSL Protocols Windows 7 & others MS Operating Systems handles.

    Article ID: 245030

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 2.0\Client]
    "DisabledByDefault"=dword:00000001
    Is the default key in Windows 7 x64bits
    Attached Thumbnails Attached Thumbnails Can someone explain SSL to me?-capture.png  
      My Computer


  4. NoN
    Posts : 4,166
    Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
       #4

    In short terms: What is SSL?
      My Computer


  5. Posts : 2,497
    Windows 7 Pro 64 bit
       #5

    The main reason why SSL isn't used universally is cost. SSL is more than just encryption. The cost of setting up and maintaining a website for SSL is considerable. Encryption means more work for a server and there is also extra bandwidth required. For a company like Newegg it is just a part of the cost of doing business. But for many non-commercial websites the cost would be prohibitive. Many popular websites would not exist and others would have to charge for their services.
      My Computer


  6. Posts : 334
    7 home premium 64 bit
    Thread Starter
       #6

    Yes I did some research to and it mostly looked like they were worried about the resources that ssl took up. However firefox has the warning that acts like your computer will die with some ssl conections.

    From my research it is not that it is dangerous it is that their ssl certificate didn't cover that portion of the website.
    This is from a website that i cant remember were i saw it.
    Unofficial quote that i tried to pull out of memory.
    Some websites don't fully understand ssl certificates. There are several versions to purchase and most go with the cheapest. The cheapest only covers websites with "www.example.com" However if you type example.com without www the ssl certificate wont cover that website.
    So once again, if that is all it is than why dosen't firefox redirect me to "www.example.com" instead of giving me that error that i posted above? I have always seen that error before and thought "This website must be full of viruses and run away" Now the error just seems insignificant. So from my research there realy is nothing dangerous about being connected to ssl whenever possible other than some sites bought the wrong certificate.

    Also i looked at ssl and people have said that it no longer poses a problem as computer technology has grown. They claimed that ssl only accounted for 1% of their resources.

    So that is interesting stuff to know.

    Thanks
      My Computer


  7. NoN
    Posts : 4,166
    Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
       #7

    computergeekguy said:
    Yes I did some research to and it mostly looked like they were worried about the resources that ssl took up. However firefox has the warning that acts like your computer will die with some ssl conections.

    From my research it is not that it is dangerous it is that their ssl certificate didn't cover that portion of the website.
    This is from a website that i cant remember were i saw it.
    Unofficial quote that i tried to pull out of memory.
    Some websites don't fully understand ssl certificates. There are several versions to purchase and most go with the cheapest. The cheapest only covers websites with "www.example.com" However if you type example.com without www the ssl certificate wont cover that website.
    So once again, if that is all it is than why dosen't firefox redirect me to "www.example.com" instead of giving me that error that i posted above? I have always seen that error before and thought "This website must be full of viruses and run away" Now the error just seems insignificant. So from my research there realy is nothing dangerous about being connected to ssl whenever possible other than some sites bought the wrong certificate.

    Also i looked at ssl and people have said that it no longer poses a problem as computer technology has grown. They claimed that ssl only accounted for 1% of their resources.

    So that is interesting stuff to know.

    Thanks
    If you look at your certmgr.msc => untrusted certificats, you'll see that some sites have been classified untrusted/fraudulent and might be the error you encountered.

    How Windows updates root certificates

    Windows Vista and Windows 7:
    Root certificates on Windows Vista and later versions are distributed through the automatic root update mechanism. That is, they are distributed through the root certificate. When a user goes to a secure website (by using HTTPS SSL), reads a secure email message (S/MIME), or downloads an ActiveX control that is signed (code signing), and then encounters a new root certificate, the Windows certificate chain verification software checks Microsoft Update for the root certificate. If the software finds the root certificate, the software downloads the current Certificate Trust List (CTL). The CTL contains the list of all trusted root certificates in the program and verifies that the root certificate is listed there. Then, it downloads the specified root certificate to the system and installs the certificate in the Windows Trusted Root Certification Authorities Store. If the root certificate is not found, the certificate chain is not completed, and the system returns an error.

    To the user, a successful root update is seamless. The user does not see any security dialog boxes or warnings. The download happens automatically. In addition, for Windows Vista and later versions, client SKUs support weekly pre-fetching from Microsoft Update to check for updated root certificate properties (for example, extended validation (EV), code signing, or server authentication properties [that is, certificate properties that are added to a root certificate]).
    Attached Thumbnails Attached Thumbnails Can someone explain SSL to me?-capture.png  
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:00.
Find Us