Windows 7 / Getting Started

A note on certificates

As you go through all the optional settings in the Internet Options dialog box, you eventually notice the Certificates section on the Content tab. First, let me just say there's really nothing you need to do, or should do, with those options unless you're specifically instructed to do so by a trusted Web site or certificate authority. Otherwise, it's all handled automatically without any intervention on your part.

But because I am getting into some of the more obscure aspects of secure Web browsing here, it might be worth learning what certificates are about and how they provide secure Web browsing. After all, when it comes to Internet security, knowledge is your best defense.

Here's the basic problem. Virtually all Web traffic takes place in plain text, meaning that no effort is made to disguise or hide the content being transmitted between a Web server and a Web browser. There's no need to disguise it. Most information on the Web is there for public consumption. And there's no need to disguise information that anybody and everybody can access from their own computer.

It's a different story when you make an online purchase and need to send your credit card information to the online store. That kind of information is most definitely not for public consumption. To make sure that it doesn't fall into the wrong hands, credit card information (and some other types of personal information) is encrypted before it's put on the Internet.

Encryption means that the information is encoded in such a way that if someone did manage to intercept it, it would do that person no good because opening the intercepted file would display nothing but meaningless gobbledygook. It can't be deciphered without the appropriate ''secret decoder ring.'' Or, in correct terminology, the interceptor doesn't have the appropriate private key to decode the message. Only the company to which you're sending the sensitive information has that private key.

A certificate is a means of making sure that the whole encryption process stays legitimate and safe. A site that wants to offer secure Web browsing to its customers applies to a company called a Certificate Authority (CA) for a certificate. The company has to prove its legitimacy as a business, have a stable place of business, and have people who will be held criminally responsible for any shenanigans.

When the company gets the certificate, it also gets a public key for encrypting files and a private key for decrypting files. (It's not a physical key; it's a computer file.) The company then sets up a secure Web server that has an https:// address. The s stands for secure.

When you browse to a secure Web site (one that starts with https://), some things happen behind the scenes to protect you. First, the server has to prove it's the actual Web site to your computer by sending its certificate. Your computer then checks the certificate holder's status with the CA to verify that the server is not an imposter and that the business hasn't had its certificate revoked for doing bad things with it.

Note If a certificate holder uses the certificate to commit a crime (such as ripping off customers), the certificate is revoked. You see a warning message not to do business with the site.

The certificate the server sends you also contains the site's public encryption key. So let's say you fill in your credit card information on a form on your screen. Then you click Submit to send it. Before that information leaves your computer, it's encrypted with the site's public key. It remains encrypted until it gets to the already-proven-safe Web server.

When it gets to that safe server, it can be decrypted with the company's private key to complete the transaction. Overall, the whole process is probably much safer than handing your credit card over to an unknown waiter, waitress, gas station attendant, or store clerk.

The trick is knowing when you're on a secure site. The easy way to tell is by looking at the address bar when you're on the page where you conduct the transaction. If its address starts with https://, it's okay. (If you previously chose the option not to see that message anymore, you won't see that message.)

Assuming that you haven't already turned off that message, you also see a message when you leave the secure connection. Also, the address of the page you go to will start with http:// rather than https://.

Both of the preceding messages are just there to keep you informed of when it is, and isn't, safe to send sensitive data across the Internet. If you did turn off those messages and want to see them again in the future, follow these steps:

  1. Click Tools and choose Internet Options or choose Tools → Internet Options from Internet Explorer's menu bar.
  2. In the Internet Options dialog box, click the Advanced tab.
  3. Scroll to the bottom of the list.
  4. Select the Warn If Changing Between Secure and Not Secure Mode and click OK.
[Previous] [Contents] [Next]

In this tutorial:

  1. Using Windows 7 Internet Explorer
  2. Understanding How the Web Works
  3. Examples of Top-Level Domains and URLs of Web Sites
  4. Windows Explorer Versus Internet Explorer
  5. Using Internet Explorer
  6. Browsing to a Web site
  7. Using AutoComplete
  8. Using Back, Forward, and History buttons
  9. Magnifying a page
  10. Panes and toolbars
  11. Full-screen viewing
  12. Change your default home page
  13. Using Tabs
  14. Using Quick Tabs
  15. Creating multiple home page tabs
  16. Rearranging and removing home page tabs
  17. Personalizing tabbed browsing
  18. Shortcut keys for tabs
  19. Using Web Slices
  20. Using Accelerators
  21. Using RSS Feeds
  22. Optional settings for RSS feeds
  23. Using the RSS Feed Headlines gadget
  24. Managing Favorite Sites
  25. Adding tab groups to Favorites
  26. Starting Your Favorites Collection
  27. Organizing Favorites
  28. Importing and exporting Favorites
  29. Blocking Pop-Ups
  30. Using the Information bar
  31. When pop-ups still get through
  32. Using the SmartScreen Filter
  33. How the SmartScreen Filter works
  34. Getting the most from the SmartScreen Filter
  35. Deleting the Browser History
  36. Clearing AutoComplete entries
  37. Configuring AutoComplete
  38. Understanding cookies
  39. Deleting cookies
  40. Adjusting cookie privacy settings
  41. Looking at cookies and privacy policies
  42. Understanding temporary Internet files
  43. Clearing temporary Internet files
  44. Temporary Internet files settings
  45. A note on certificates
  46. Using Internet Security Zones
  47. Printing Web Pages
  48. Using Print Preview
  49. Saving Web Pages
  50. Copying content from Web pages
  51. Downloading pictures and videos
  52. Making Internet Explorer Your Default Browser
  53. Searching the Web
  54. Choosing search providers
  55. Choosing a default provider
  56. Searching from the Search box
  57. Searching from the address bar
  58. Getting More with Add-ons
  59. Managing add-ons
  60. Internet Explorer Help and Troubleshooting