Server IDs Work:
A customer contacts your site and accesses a secured
URL: a page secured by a Server ID (indicated
by a URL that begins with "https:" instead
of just "http:" or by a message from
Your server responds, automatically
sending the customer your site's digital certificate,
which authenticates your site.
Your customer's Web browser generates
a unique "session key" (like a code)
to encrypt all communications with the site.
The user's browser encrypts the
session key with your site's public key so only
your site can read the session key. Depending
on the browser, the user may see a key icon becoming
whole or a padlock closing, indicating that the
session is secure.
A secure session is now established--all
communications will be encrypted and can only
be decrypted by the two parties in the session.
It all takes only seconds and requires no action
by the user.