- Secure Computing
- Guarding privacy
- SSL/TLS
Secure web & email: SSL & TLS
SSL, or Secure Sockets Layer is a security protocol used to transmit private communications via the Internet. Many Web sites use the SSL protocol to protect confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with "https" instead of the normal "http." Many email clients also support SSL as a means to encrypt messages and keep them safe from identity thieves who watch public wireless networks looking for passwords and credit card numbers. An updated version of the SSL protocol is called TLS, for Transport Layer Security, but SSL & TLS are essentially the same standard.
SSL/TLS provides three security measures:
- Client authentication: Ensures that the client can uniquely identify the server, and can verify that data transfer will be secure.
- Data encryption: The data is scrambled using complex encryption algorithms, so that even if it is intercepted en route it cannot be deciphered.
- Data integrity checks: Verifies that there has been no alteration of the data during transit.
Supported email software
You can enable SSL with most, but not all of the IMAP and POP ITS supported email clients. See the configuration instructions or look at the pared down settings for using authenticated email or contact the Help Desk (203-432-9000).
SSL/TLS provides protection for your data by means of three security measures:
- Client authentication: ensures that the client can uniquely identify the server, and can verify that data transfer will be secure.
- Data encryption: the data is scrambled using complex encryption algorithms, so that even if it is intercepted en route it cannot be deciphered.
- Data integrity checks: verifies that there has been no alteration of the data during transit.
Comparison with encryption for email privacy
SSL encrypts messages/attachments, but only in transport between SSL/TLS enabled mail servers. So, your SSL email will be secure between your laptop or smartphone and Yale's email servers, but if the message then travels outside the Yale environment to unsecured (non-SSL) email systems (like a Gmail address, for instance), your message is no longer secure and is not protected by SSL.
PGP (Pretty Good Privacy) encrypts messages and attachments before they're sent, and the PGP-protected messages are secure anywhere in transit. PGP-protected messages must be unencrypted by the recipient of the message, using a password. This method is much more secure, but at some cost in time and convenience. Software to support PGP encryption is available from the ITS Software Library.
