When you visit your local jobs portal, do you as an employer/job seeker find it safe with SSL cert enabled when you login? I don't see most of my country portal use it, is it safe? Especially employers use for posting job ad.
A:
Hi proyb2!
There are two main areas where SSL certificates are relevant in that regard:
All data you are transferring from or to the remote location (i.e. that job portal) is encrypted. While the job ad itself isn't necessarily very sensitive data, an application form, for instance, is. Say, if I was logged on to an open Wifi network and I would fill in your application form, I wouldn't be amused if the owner of that network or someone who simply spies on its traffic could see everything I'm sending in plain text. So, here I would definitely want this content to be encrypted.
Widely accepted SSL certificate authorities (those that a browser like Firefox will "trust" without a warning when you open the page) also check that the website owner is authentic. So, if you had just secured the domain bigcompany.com and would post some scam job ads, I as an end user wouldn't be able to detect whether you're Big Company or not (and, in a worst case, you're not and I'm sending you all sorts of confidential information). Now, when a certificate authority issues a SSL certificate, this is only valid for a certain domain name and contains your corporate or personal details. Since a third party (the certificate authority) has checked this information, these details are relatively trustworthy. Browsers have been enhanced to display so-called Extended Validation certificates in a very neat way (i.e. so that the company name appears as a green label in the address bar of the browser).
Hope this helps: Tobi.