SSL In The Driver's Seat
SSL (Secure Sockets Layer) has become the de facto standard for client-to-server encryption on the Internet. It is a public key encryption scheme developed by Netscape that uses both public and private keys to authenticate users. Part of this process involves the server sending the client its certificate. Provided by a certifying authority, such as Verisign, this certificate guarantees the server's authenticity so that you know exactly what resource you are talking to. After this key exchange takes place, a shared secret key is used to encrypt the data between sender and receiver.
The link for this article located at TechWeb is no longer available.