Who Needs A Code Signing Certificate?

A Performance Host Code Signing Certificate is essential for:

• Any commercial or open source provider who distributes code or content over the Internet or via an extranet.
• Publishers wishing to protect their reputations by making it impossible for impersonators to successfully tamper with their trusted products.

Code signing adds a digital signature to the software’s executable code, validating that the code comes from you. When an end-user attempts to download your content, a dialog box will appear identifying you as the publisher. Any alteration of the original code breaks the digital signature, alerting potential users that the content is not to be trusted.

• Allows publishers to sign .exe, .cab, .dll, and .ocx files; Java Applets and MIDlets; Microsoft® Office documents with macros; and other types of files that support digital signatures.
• Performance Host Code Signing Certificates are fully integrated with Industry-Standard Technology.
• Performance Host Code Signing Certificates are available only to legally registered companies with a registered status of “Good Standing”, “Active” or equivalent. Registration will be confirmed with the appropriate government agency before issuing the Code Signing Certificate.

With public concern for online security at an all-time high, people are no longer willing to download software without proof that it’s legitimate. With a Performance Host Code Signing Certificate, software developers and other content publishers can “sign” their code, thereby reassuring customers it’s the real thing.

• Perfect for software publishers and content providers of ActiveX controls, dynamic link libraries (.dll files), .cab files, HTML content or any other software distributed over the Internet or via an extranet.
• Time-stamping service provided, allowing distribution of signed code beyond certificate expiration
• Protects your intellectual property by warding off impersonation and tampering.

What is Code Signing?

Code signing certificates are used by content publishers to append digital signatures to their products. These digital signatures prove to consumers of the content the identity of the creator and validate that content has not been tampered with since it was originally distributed. Code signing digital signatures can be used to sign content including software components, macros, firmware images, virus updates, configuration files or other types of content for secure delivery over the Internet or other mechanisms. Code signing has becoming increasingly important, with the rapid growth of Internet distribution of content and tightened security settings in many newer browsers and/or operating systems.

SSL Authentication

Before Starfield Technologies issues an SSL Certificate, the applicant’s company or personal information undergoes a rigorous authentication procedure that serves to pre-empt online theft and to verify the domain control and, if applicable, the existence and identity of the requesting entity. Only through thorough validation of submitted data can the online customer rest assured that online businesses that utilize SSL certificates from Starfield Technologies indeed are to be trusted. A High Assurance Starfield Technologies certificate guarantees that the entity that owns the certificate is who it claims to be and has a legal right to use the domain from which it operates.

SSL Certificates are only issued to entities whose domain control and, depending on certificate type, business credentials and contact information have been verified. Thus, a Starfield Technologies SSL certificate guarantees that the entity that owns the certificate is who it claims to be and has a legal right to use the domain from which it operates.

Starfield Technologies issues three types of SSL Certificates, each of which relies on authentication of a number of elements:
High Assurance Certificate — Corporate:
Starfield Technologies will authenticate that:

• The certificate is being issued to an organization that is currently registered with a government authority.
• The requesting entity controls the domain in the request.
• The requesting entity is associated with the organization named in the certificate.

High Assurance Certificate — Small Business/Sole Proprietor:
Starfield Technologies will authenticate that:

• The individual named in the certificate is the individual who requested the certificate.
• The requesting individual controls the domain in the request.

Medium Assurance (i.e., Turbo SSL) Certificate:
Starfield Technologies will authenticate that:

• The requesting entity controls the domain in the request.

View all of the Starfield Cerificates that PerformanceHost.net offer

Keep Your Customers Data Safe

A PerformanceHost.net SSL Certificate secures safe, easy and convenient Internet shopping. Once an Internet user enters a secure area — by entering credit card information, e-mail address or other personal data, for example — the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scenes, ensuring an uninterrupted shopping experience for the consumer. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.

By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism will trigger a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users likely will look elsewhere to make a purchase. A “padlock” icon in the browser’s status bar indicates that a secure session is in progress.

Up to 256-Bit Encryption

PerformanceHost.net SSL certificates support both industry-standard 128-bit (used by all banking infrastructures to safeguard sensitive data) and high-grade 256-bit SSL encryption to secure online transactions. The actual encryption strength on a secure connection using a digital certificate is determined by the level of encryption supported by the user’s browser and the server that the Web site resides on. For example, the combination of a Firefox browser and an Apache 2.X Web server enables up to 256-bit AES encryption with PerformanceHost.net certificates.

Encryption strength is measured in key length — number of bits in the key. To decipher an SSL communication, one needs to generate the correct decoding key. Mathematically speaking, 2n possible values exist for an n-bit key. Thus, 40-bit encryption involves 240 possible values. 128- and 256-bit keys involve a staggering 2128 and 2256 possible combinations, respectively, rendering the encrypted data de facto impervious to intrusion. Even with a brute-force attack (the process of systematically trying all possible combinations until the right one is found) cracking a 128- or 256-bit encryption is computationally unfeasible.

What is an SSL Certificate?

An SSL certificate is a digital certificate that authenticates the identity of a Web site to visiting browsers and encrypts information for the server via Secure Sockets Layer (SSL) technology. A PerformanceHost.net certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. When an Internet user attempts to send confidential information to a Web server, the user’s browser will access the server’s digital certificate and establish a secure connection.

A certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. Information contained in the certificate includes:

• The certificate holder’s name (individual or company)*
• The certificate’s serial number and expiration date
• Copy of the certificate holder’s public key
• The digital signature of the certificate-issuing authority

To obtain an SSL certificate, one must generate and submit a Certificate Signing Request (CSR) to a trusted Certification Authority, such as PerformanceHost.net, which will authenticate the requestor’s identity, existence and domain registration ownership before issuing a certificate.
*High Assurance Certificates only. Turbo SSL Certificates only contain the domain name and no information on the individual or company that purchased the certificate.

Public and Private Keys

When you create a CSR, the Web server software with which the request is being generated, creates two unique cryptographic keys: A public key, which is used to encrypt messages to your (i.e., the certificate holder’s) server and is contained in your certificate, and a private key, which is stored on your local computer and “decrypts” the secure messages so they can be read by your server. In order to establish an encrypted link between your Web site and your customer’s Web browser your Web server will match your issued SSL certificate PerformanceHost.net to your private key. Because only the Web server has access to its private key, only the server can decrypt SSL-encrypted data.

SSL Certificates Enable Safe and Convenient Online Shopping

A PerformanceHost.net SSL Certificate secures safe, easy and convenient Internet shopping. Once an Internet user enters a secure area — by entering credit card information, e-mail address or other personal data, for example — the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scenes, ensuring an uninterrupted shopping experience for the consumer. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.

By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism will trigger a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users likely will look elsewhere to make a purchase.

Why you need a SSL Certificate

Recent numbers from the U.S. Department of Commerce show that online retail is continuing its rapid growth. However, malicious phishing and pharming schemes and fear of inadequate online security cause online retailers to lose out on business as potential customers balk at doing business online, worrying that sensitive data will be abused or compromised. For e-businesses, the key is to build trust: Running a successful online business requires that your customers trust that your business effectively protects their sensitive information from intrusion and tampering.
Installing an SSL Certificate from PerformanceHost.net on your e-commerce Web site allows you to secure your online business and build customer confidence by securing all online transactions with up to 256-bit encryption.

An SSL Certificate on your business’ Web site will ensure that sensitive data is kept safe from prying eyes. With a PerformanceHost.net SSL Certificate, customers can trust your site. Before issuing a certificate, Starfield technologies rigorously authenticates the requestor’s domain control and, in the case of High Assurance SSL Certificates, the identity and, if applicable, the business records of the certificate-requesting entity. The authentication process ensures that customers and business partners can rest assured that a Web site protected with a PerformanceHost.net SSL Certificate can be trusted. A PerformanceHost.net SSL Certificate provides the security your business needs and the protection your customers deserve. With a PerformanceHost.net SSL Certificate, customers will know that your site is secure.

Why You Need a PerformanceHost.net SSL Certificate

In the rapidly expanding world of electronic commerce, security is paramount. Despite booming Internet sales, widespread consumer fear that Internet shopping is not secure still keeps millions of potential shoppers from buying online. Only if your customers trust that their credit card numbers and personal information will be kept safe from tampering can you run a successful online business.

For online retailers, securing their shopping sites is paramount. If consumers perceive that their credit card information might be compromised online, they are unlikely to do their shopping on the Internet. A PerformanceHost.net SSL Certificate provides an easy, cost-effective and secure means to protect customer information and build trust. An SSL Certificate enables Secure Sockets Layer (SSL) encryption of your business’ online transactions, allowing you to build an impenetrable fortress around your customers’ credit card information.

A PerformanceHost.net SSL Certificate helps you build an impenetrable fortress around your customers’ credit card information. PerformanceHost.net SSL certificates bring the highest level of trust to your online business. A PerformanceHost.net SSL Certificate ensures that all sensitive transactions are kept securely encrypted and safe from prying eyes, and rigorous authentication guarantees that PerformanceHost.net certificates are issued only to entities whose existence and domains can be verified.

PerformanceHost.net SSL Certificates offer industry-leading security and versatility:

• Fully validated
• Up to 256-bit encryption
• One-, two- or three-year validity (Turbo SSL Certificates valid up to 10 years)
• 99% percent browser recognition
• Stringent authentication
• Around-the-clock customer support