Sealey Tools
Parts
Accessories
login
View Basket
Advanced Search

Home

Members
personal details
vehicle details
web site security


On the Move


Corporate

Recruitment

Download

Discussion Forum

Offers





  

Web Site Security
We take our customers security very seriously. To this end we are using a 'Digital Server Certificate' from VeriSign™.

The 'Server Certificate' encrypts information between your web browser and our Internet Server using 40 bit cryptography. This ensures that if this information is intercepted, it cannot be read.

How Digital Certificates work
In physical transactions, the challenges of identification, authentication, and privacy are solved with physical marks, such as seals or signatures. In electronic transactions, the equivalent of a seal must be coded into the information itself.

By checking that the electronic ‘seal’ is present and has not been broken, the recipient can confirm the identity of the message sender and ensure that the message content was not altered in transit. To create an electronic equivalent of physical security, VeriSign employs a Public Key cryptosystem, sometimes called an asymmetric system.

Single Key Cryptography
Throughout history, most private messages were kept secret with single key cryptography, sometimes called symmetric cryptography. Single key cryptography is the way that most secret messages have been sent over the centuries. In single key cryptography, there is a unique code (or key) for both encrypting and decrypting messages. Single key cryptography works as follows: Suppose Bob has one secret key. If Alice wants to send Bob a secret message:

  1. Bob sends Alice a copy of his secret key
  2. Alice encrypts a message with Bob’s secret key
  3. Bob decrypts the message with his secret key

Unfortunately, this method has several problems. First, Bob must find a secure method of getting his secret key to Alice. If the secret key is intercepted, all of Bob’s communications are compromised. Second, Bob needs to trust Alice. Alice may give Bob’s secret key to his rivals. Or, she may read Bob’s other private messages or even imitate Bob. Finally, if you have an organisation with people who need to exchange secret messages, you will either need to have thousands (if not millions) of secret keys, or you will need to rely on a smaller number of keys, which opens the door to compromise.

Public Key Cryptography
VeriSign Server Certificates employ the more advanced public key cryptography, which does not involve the sharing of secret keys. Rather than using the same key to both encrypt and decrypt data, a Server Certificate uses a matched pair of keys that complement each other. When a message is encrypted by one key, only the other key can decrypt it.

When the key-pair was generated for Euro Car Parts, our ‘private key’ was installed on our server; only our Senior Web Administrator has access to it. Our matching ‘public key,’ in contrast, is freely distributed as part of our Server Certificate. We can share it with anyone, and even publish it in directories. Customers or correspondents who want to communicate with us privately can use the public key in our Server Certificate to encrypt information before sending it to us. Only we can decrypt the information, because only we have the private key.

Our Server Certificate contains our name and identifying information, our public key, and the digital signature of the issuing Certification Authority. It tells customers and correspondents that the public key belongs to us.

The ultimate result of a VeriSign™ Server Certificate: secure communications between us and our customers that protect our customers and our business.

Click to verify..  

 

Copyright © 2000 Euro Car Parts Limited. All rights reserved.