Welcome to a new addition of the Kiiff Blog. Today, we’re expanding our knowledge of web security by talking about Certificate Authorities or CA’s. They are the reason SSL is able to work, and websites are able to be trusted by regular website users.
For a high level view of Certificate Authorities, abbreviated CA’s from here on, there isn’t much technical knowledge required. It is a fairly basic idea that helps prevent a few disastrous intrusion attacks. With that said, it may help you understand the subject better if you understand what SSL is and have a basic overview of public key infrastructure. For that, check out this post made earlier on the blog.
What is a CA?
The purpose of a CA is to, simply, be a trusted third party between a client and server. A CA issues digital certificates that it has electronically signed and allows a client to ensure an HTTPS connection is made. Note that is HTTPS with an S and not HTTP. It means a secure connection is made between the server and client.
Why is this Important?
CA’s assist in preventing the infamous man in the middle attack. This is because the trusted third party, the CA, will of course not sign an invalid certificate. It is very hard for an attacker to disguise themselves as a server with an invalid certificate. Therefore, when your browser issues a message that says either a certificate is not signed, or a site certificate is missing, it often means that at best a site is not secure; at worst, the site is not who they say they are and someone is trying to intercept your connection to hijack your browsing session, or something similar.
The moral here, every site should have a valid certificate and is protected with SSL. HTTPS browsing is becoming more common especially with browsers like Chrome and Firefox. Kiiff provides a FREE SSL certificate to our clients when they host with us. This gives your clients an extra sense of trust on your site. If you are selling anything on the web using an ecommerce site, your business will not do so well without one.