Web Certificates
Frequently Asked Questions About
Web Certificates
1. What is a Web-Certificate?
2. How does a web-certificate
work?
3. Can you explain
how a web certificate works in "Plain
English"?
4. How can someone
discern whether a website is using
a web certificate or not?
5. How are your web
certificates trusted by the browsers?
6. What browsers will
my web certificate work with?
7. How do your web
certificates work for different
versions of browsers?
8. How long does it
take to get a web certificate?
9. How strong are
Tucows server certificates?
10. Is my web
certificate tied to my IP address?
11. I am using several
servers in a load-balancing configuration.
How many web certificates do I need?
12. How do I correct
information on my web certificate
after it has been issued to me?
13. How do I check
the status of my web certificate
request?
14. How will I know
if my enrollment was successful?
15. How much do your
web-certificates cost?
1. What is a Web-Certificate?
A Web Server Certificate permits
securer communication between a
client and a server (say a customer’s
browser and a web retailer’s
server) or two servers (any servers
who want to "talk" securely
amongst themselves). Simply stated,
a web-certificate is a digital document
that has unique codes to identify
the holder of the certificate to
the person accessing the site.
A Personal Certificate is issued
to individuals to certify their
identity. One can use them to digitally
sign email, documents, jar files
etc. to prove that they were the
author, and that the files have
not been tampered with.
Acciss.net will be offering Web-Server
certificates currently. Personal
Certificates may be offered at a
later time along with other security
products.
Back
to Top
2. How does a
web-certificate work?
A Web-certificate functions as
follows:
Whenever anybody transacts with
a "secure" web-site, their
browser (or server) authenticates
the identity of the web-site using
the web-certificate
If the site’s certificate
is not valid, a warning is issued
to the user, otherwise the web-cert
creates an SSL (Secure Server Layer)
session and encrypts any information
exchanged during that session
This prevents communication from
being intercepted and deciphered
by nefarious people on the Internet.
Back
to Top
3. Can you explain
how a web certificate works in "Plain
English"?
A Basically, when two parties (say
a customer and the Amazon.com web-site)
wish to "talk" securely
(transfer the customer’s credit-card
number to Amazon.com), then a web-certificate
sets up a "secure" session
that first verifies the true identity
of the party that requests data
transfer (Amazon.com).
If a certificate is valid, the
other party (the customer) gets
a message saying that its OK to
"talk" to them (Amazon.com),
as they are who they say they are.
The other party (customer) then
transfers the info (CC number) securely,
without fear of any nefarious elements
intercepting the data.
If the certificate is invalid,
a message pops up saying so. Transactions
can still occur, but at the risk
of counter party fraud (It may be
joesbooks.com tying to appear as
Amazon.com)
Back
to Top
4. How can someone
discern whether a website is using
a web certificate or not?
The pages of a web-site which are
secured by a web-certificate are
characterized by the following traits:
The URL of the secure web-pages
change from http://... to https://
A lock symbol appears in the lower
left-hand (right hand) status bar
in Netscape Navigator (Internet
Explorer).
If one wants to view and verify
the encryption information of the
secure pages, onw should simply
undertake the following:
In Netscape - click on the lock
symbol above and select "View
Certificate" button
In Internet Explorer - double-click
on the lock in the lower right-hand
status bar.
Back
to Top
5. How are your
web certificates trusted by the
browsers?
Our web certificates are automatically
and transparently trusted by browsers.
This trust is established because
our supplier’s Root Certificate
has been embedded in all major browsers.
Back
to Top
6. What browsers
will my web certificate work with?
The web certificates we issue work
with 99% of the browsers in use
today.
Back
to Top
7. How do your
web certificates work for different
versions of browsers?
Netscape 4.72 and newer
The root certificate is embedded
in this browser
Netscape any version before 4.72
The root certificate has been cross
certified by a CA that is embedded
in this browser
Internet Explorer 5.01 and newer
The root certificate is embedded
in this browser
Internet Explorer any version before
5.01
The root certificate has been cross
certified by a CA that is embedded
in this browser
Cross Certification: The process
by which two Certificate Authorities
(CA) certify each other's trustworthiness.
Back
to Top
8. How long does
it take to get a web certificate?
Companies will usually receive a web certificate within three
business days after the verification has been complete. The
verification period varies and relies greatly on the information
provided by the company during the application process. Call
an Acciss.net sales representative at 604.574.7225
or 1.800.661.1775 for more information.
Back
to Top
9. How strong
are Tucows server certificates?
Tucows server certificates are
1024 bit capable and support 128
bit browsers.
The strength of the public key
in the certificate is defined by
you when you generate the key pair
for your server. If you generate
a 1024-bit key pair and submit the
associated CSR (Certificate Signing
Request), then the certificate you
receive contains the 1024-bit public
key. If you generate a 512-bit key
pair then the certificate contains
the 512-bit public key.
Back
to Top
10. Is my web
certificate tied to my IP address?
No, server certificates do not
contain any information about IP
addresses. However, the domain name
listed in the server certificate
must match the domain name of the
server on which the Web server certificate
is installed. The domain name can
be mapped to any IP address.
Back
to Top
11. I am using
several servers in a load-balancing
configuration. How many web certificates
do I need?
You will need one web certificate
for each of your secure servers
(including any virtual servers).
Back
to Top
12. How do I
correct information on my web certificate
after it has been issued to me?
You must issue a request to correct
your information on your web server
certificate. You can request one
replacement web server certificate
within 30 days of the certificate
being issued without being charged.
Any requests made after the 30-day
period, or any requests outside
the primary request, will require
you to purchase a new web server
certificate. If a processing error
occurs, we will issue a new web
server certificate at no cost to
you.
In order to change any information,
we must re-issue a new web certificate
with the correct information and
re-sign it - this preserves the
integrity of the web certificate.
All our web certificates are electronically
signed by the Root Certificate.
This electronic signature ensures
that none of the information contained
in the web server certificate has
been modified or tampered with.
See http://www.certificateregistration.com
Back
to Top
13. How do I
check the status of my web certificate
request?
You can check the status of your order by calling an Acciss
technical representative at 604.574.7225 or 1.800.661.1775.
Back
to Top
14. How will
I know if my enrollment was successful?
The Technical Contact, Authorized
Contact and Bill Contact will receive
an e-mail when your order has been
processed. This e-mail includes
a link to your request status page
and links to each of the Web server
certificates that have been issued.
If any of your server certificate
requests have not been approved
the status page explains why.
Back
to Top
15. How much
do your web-certificates cost?
For additional information or a quote, contact our sales
department at: 604.574.7225, toll-free at 1.800.661.1755
or e-mail sales@acciss.net.
Back
to Top
|
