Secure Sockets Layer (SSL) is a technology designed to provide two primary services for networking: encryption and identification. Encryption works very successfully to hide information from prying eyes, while identification works to verify the identity of the person or service being contacted. The identification relies on several trusted authorities, such as VeriSign, to help users decide who is legitimate when connecting to them, such as when a user visits a secure website.

On the Other: Identification is Weak

Ever since SSL has been used to secure websites, users have been well trained on the encryption part of SSL, but not on the identification part. Because of this, many users are not aware of how to validate the identity of a given secure website. This is important because it is not enough to have a secure manner of talking without knowing who you are talking to. You must know that you can trust the web server (or other entity) you are connected to.

Bottom Line

SSL is certainly a safe technology to use, and websites that implement SSL for their secure sites are providing their users with an industry-standard security protocol that can be trusted. Users should be mindful to use the identification part of SSL to ensure that the websites they are connected to are controlled by the people they expect to control them.

Source:

SSL with Firefox

How SSL Security Works