256-bit encryption Process of scrambling an electronic document using an algorithm whose key is 256 bits in length. The longer the key, the stronger it is.
Asymmetric cryptography These are ciphers that imply a pair of 2 keys during the encryption and decryption processes. In the world of SSL and TLS, we call them public and private keys.
Certificate signing request (CSR) Machine-readable form of a DigiCert certificate application. A CSR usually contains the public key and distinguished name of the requester.
Certification authority (CA) Entity authorized to issue, suspend, renew, or revoke certificates under a CPS (Certification Practice Statement). CAs are identified by a distinguished name on all certificates and CRLs they issue. A Certification Authority must publicize its public key, or provide a certificate from a higher level CA attesting to the validity of its public key if it is subordinate to a Primary certification authority. DigiCert is a Primary certification authority (PCA).
Cipher suite This is a set of key exchanges protocols which includes the authentication, encryption and message authentication algorithms used within SSL protocols.
Common name (CN) Attribute value within the distinguished name of a certificate. For SSL certificates, the common name is the DNS host name of the site to be secured. For Software Publisher Certificates, the common name is the organization name.
Connection error When security issues preventing a secure session to start are flagged up while trying to access a site.
Domain Validation (DV) SSL Certificates The most basic level of SSL certificate, only domain name ownership is validated before the certificate is issued.
Elliptic Curve Cryptography (ECC) Creates encryption keys based on the idea of using points on a curve to dene the public/private key pair. It is extremely difficult to break using the brute force methods often employed by hackers and offers a faster solution with less computing power than pure RSA chain encryption.
Encryption Process of transforming readable (plaintext) data into an unintelligible form (ciphertext) so that the original data either cannot be recovered (one-way encryption) or cannot be recovered without using an inverse decryption process (two-way encryption).
Extended Validation (EV) SSL Certificates The most comprehensive form of secure certificate which validates domain, require very strict authentication of the company and highlights it in the address bar.
Key exchange This is the way users and server securely establish a pre-master secret for a session.
Master secret The key material used for generation of encryption keys, MAC secrets and initialization vectors.
Message Authentication Code (MAC) A one way hash function arranged over a message and a secret.
Organization Validation (OV) SSL Certificates A type of SSL certificate that validates ownership of the domain and the existence of the organization behind it.
Pre-master secret The key material used for the master secret derivation.
Public key infrastructure (PKI) Architecture, organization, techniques, practices, and procedures that collectively support the implementation and operation of a certificate-based public key cryptographic system. The PKI consists of systems that collaborate to provide and implement the public key cryptographic system, and possibly other related services.
Secure server Server that protects host web pages using SSL or TLS. When a secure server is in use, the server is authenticated to the user. In addition, user information is encrypted by the user's web browser's SSL protocol before being sent across the Internet. Information can only be decrypted by the host site that requested it.
SAN (Subject Alternative Name) SSL certificates Type of certificate which allows multiple domains to be secured with one SSL certificate.
SSL Stands for secure sockets layer. Protocol for web browsers and servers that allows for the authentication, encryption and decryption of data sent over the Internet.
SSL certificate Server certificate that enables authentication of the server to the user, as well as enabling encryption of data transferred between the server and the user. SSL certificates are sold and issued directly by DigiCert, and through the DigiCert Managed PKI for SSL Center.
SSL Handshake A protocol used within SSL for the purpose of security negotiation.
Symmetric encryption Encryption method that imply the same key is used both during the encryption and decryption processes.
TCP Transmission control protocol, one of the main protocols in any network.
Wildcard SSL certificates Type of certificate used to secure multiple subdomains.