You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.



SSL Page Info

When you choose Page Info from the View menu and click the Security tab, you see information about authentication and encryption for the web page you are viewing.

This section provides additional information about each combination you may encounter.

In this section:

Web Site Identity Not Verified—Connection Not Encrypted

Web Site Identity Verified—Connection Encrypted

Web Site Identity Conditionally Verified—Connection Encrypted

Web Site Identity Verified—Connection Not Encrypted

Web Site Identity Conditionally Verified—Connection Not Encrypted

 

Web Site Identity Not Verified—
Connection Not Encrypted

  • Web Site Identity Not Verified. The web site you are viewing does not support certificate-based authentication. Therefore, Certificate Manager cannot verify its identity. It is possible, though unlikely, that the web site is not what it claims to be.
  • Connection Not Encrypted. It is possible, though unlikely, that other people can view information sent from your computer to the web site or information sent by the web site to your computer. This should be of concern only if you are sending or viewing confidential information, such as your credit card number.

For short definitions, click authentication, encryption, or certificate.

 

Web Site Identity Verified—
Connection Encrypted

  • Web Site Identity Verified. The certificate that Certificate Manager has used to verify this web site's identity was issued by a certificate authority (CA) marked as one that you trust. You can be reasonably confident that the web site is what it claims to be.
  • Connection Encrypted. In general, the strength of an encrypted connection depends on the length of the keys use for encryption, measured in bits. The longer the key, the stronger the encryption—that is, the harder it is to for an unauthorized person to unscramble the encrypted information.
  • The Page Info window describes encryption strength in one of three ways:

    • High-grade encryption. Strongest encryption available, using 128-bit keys at a minimum.
    • Medium-grade encryption. Somewhat stronger than low-grade encryption, using 56- or 64-bit keys.
    • Low-grade encryption. Weakest encryption available, using 40-bit keys.

For short definitions, click authentication, encryption, or certificate.

 

Web Site Identity Conditionally Verified—
Connection Encrypted

  • Web Site Identity Conditionally Verified. The web site you are viewing has presented a certificate that is invalid, but that you have decided to accept anyway.
  • The Page Info window has listed one or both of the following reasons why the web site's certificate is invalid:

    • The identity of this web site has been verified by a certificate authority that you have not designated as trusted for this purpose. If you wish to trust this certificate authority to identify web sites in the future, click the Edit button and select "This certificate can certify web sites that support encryption."
    • The certificate used to identify the web site belongs to a web site with a URL that's different from the URL specified in the certificate. If Personal Security Manager informs you of this discrepancy, you should be cautious about using the web site, since it appears to be misrepresenting itself.
  • Connection Encrypted. In general, the strength of an encrypted connection depends on the length of the keys use for encryption, measured in bits. The longer the key, the stronger the encryption—that is, the harder it is to for an unauthorized person to unscramble the encrypted information.

The Page Info window describes encryption strength in one of three ways:

  • High-grade encryption. Strongest encryption available, using 128-bit keys at a minimum.
  • Medium-grade encryption. Somewhat stronger than low-grade encryption, using 56- or 64-bit keys.
  • Low-grade encryption. Weakest encryption available, using 40-bit keys.

For short definitions, click authentication, encryption, or certificate.

 

Web Site Identity Verified—
Connection Not Encrypted

  • Web Site Identity Verified. The certificate that Personal Security Manager has used to verify this web site's identity was issued by a certificate authority (CA) designated in your certificate store as one that is trusted for the purpose of identifying web sites. You can be reasonably confident that the web site is what it claims to be.
  • Connection Not Encrypted. It is possible, though unlikely, that other people can view information sent from your computer to the web site or information sent by the web site to your computer. This should be of concern only if you are sending or viewing confidential information, such as your credit card number.

For short definitions, click authentication, encryption, or certificate.

 

Web Site Conditionally Verified—
Connection Not Encrypted

  • Web Site Identity Conditionally Verified. The web site you are viewing has presented a certificate that is invalid, but that you have decided to accept anyway. To view the certificate, click the View button.
  • The Page Info window may list one or both of the following reasons why the web site's certificate is invalid:

    • The identity of this web site has been verified by a certificate authority that you have not designated as trusted for this purpose. If you wish to trust this certificate authority to identify web sites in the future, click the Edit button and select the check box labeled "This certificate can certify web sites that support encryption."
    • The certificate used to identify the web site belongs to a web site with a URL that's different from the URL specified in the certificate. If the Page Info window informs you of this discrepancy, you should be cautious about using the web site, since it appears to be misrepresenting itself.
  • Connection Not Encrypted. It is possible, though unlikely, that other people can view information sent from your computer to the web site or information sent by the web site to your computer. This should be of concern only if you are sending or viewing confidential information, such as your credit card number.

For short definitions, click authentication, encryption, or certificate.


8/28/2001

Copyright © 1994-2001 Netscape Communications Corporation.