The Basics of Email and Web Security
One of the biggest problems with email is that the messages are transmitted over the public internet. This means that it is theoretically possible for malicious parties to intercept email message transmissions and thereby gain access to what may be confidential information or data. The best way to avoid this is to use encryption to protect sensitive data when it is transmitted over the internet. Two such solutions are S/MIME and PGP.
Today just about any form of activity can be performed via web sites, from applying for a loan or credit card to purchasing items with those credit cards. A surprising amount of personal and confidential data is now transmitted from user's browsers to web sites all over the world. Within a short time of all data being transmitted in plain text using HTTP on TCP port 80 it became clear that more secure ways of interacting over the internet were needed.
Secure Sockets Layer (SSL) is a secure protocol developed by Netscape Communications for the encryption of data transmitted over the internet. The Internet Engineering Task Force (IETF) adopted SSL in 1996 and named it Transport Layer Security (TLS). TLS is equivalent to SSL 3.0 (although TLS and SSL are not interchangeable).
SSL/TLS use cryptography to ensure that data transmitted between a browser and a web site is secured through encryption. The strength of this technology is that it essentially invisible to the user. The only sign that SSL/TLS is being used will the fact that a web site address begins with https rather than http and the presence of a small padlock icon on the status bar of some web browsers.