As I do...I have a problem going too depp, when it suppose to so I am going in here.....
Most(almost all) of the credit card transaction is done over the connection called SSL (secure socket layer) This means there is another layer working with HTTP layer...
Remember: you are able to surf www.wnso.org because there is a HTTP protocol, working with you....There is his another best friend called SSL protocol..who works perfectly well with HTTP protocol...He feels the same way that...HTTP feels
So...here is a deep relation between SSL and credit card transaction like husband and wife or the Boyfriend and GF , Lemme explain you in a short who uses SSL,
Who uses SSL?
Anybody who cares for their customers information (ie...institution).... Used by many internet banks, online career services etc. But anyone who's approved by a certificate user can implement it.
So here we go....That's all it about,
Then what the heck is SSL?
In a very simple way ....your best frienfd He loves so much...
Since he is my best friend, How will he work with me?.....alikati dhairya aba alik sochna parcha
It's little trick here....SSL is a protocol that offers secure transmission over the HTTP-protocol. It has become a standard for authentication and encryption between web browsers and servers..... If you use SSL in your web applications itís close to impossible to steal the exchanged information. ...bujyo?..ki bujena If you donít, itís very easy. SSL has two implementations: Server-side certificate implementation and server and client-side certificate implementation. This article explains the first, because it's the most commonly used.
SSL does three things:
1.Tells the client if the server is who he claims to be or not.remember this..
2.Encrypts the transmission.
3.Will notice if data has been tampered with during transmission.
Obviously, the implementation of SSL requires a certificate (Identity), which is provided by an SSL-providor, for eg Verisign. The providor only issues certificates to approved customers. They have certain procedures to check out a customer, so they donít deliver to crooks. The server admin will put the certificate on the server and enable SSL. Itís also important that browsers which will communicate with the server support SSL and have SSL enabled.
The SSL handshake: ( kasari connection secure hunchs ta ? )
When you host a server and you get your certificate....I personally choose hosting company it proves that the server is safe and belongs to you. A transmission is started with an SSL handshake that authenticates the server. When a browser requests document from the server, the URL will change from Ďhttpí to Ďhttpsí. The browser will also display a lock icon, and when the lock is clicked with the mouse, the certificate will be displayed so that the user can check it out. If the certificate isnít valid or has expired, the browser will automatically message the user.
SSL uses a 128-bit (connection speed) RSA-algorithm. The higher number the better, and 128 takes quite a while to crack. How does the key stuff work? Well, RSA uses PUBLIC and PRIVATE keys( yo sbailai thaha huna pardaina...it just will work..the way it meant to be) The server issues a public key to the client (browser), which encrypts itís information with it and sends the encrypted message back to the server. T
he server then... decrypts the information with itís private key. Whatís important here is the public key cannot decrypt the message, only the private key. Thatís whatís so fantastic about the RSA algorithm.
So here's how
Always make sure you see HTTPS instead of HTTP like for eg
You gotta see https://www.wnso.org (non existent)
the only difference is S....then you can go ahead..
Edited by Negative Phreek, 29 January 2005 - 04:22 PM.