You may have noticed that some web pages contain the prefix “httpS" instead of “http” in the web browser’s address bar. The “S” here stands for “secure” and identifies the Web site as using a security certificate.
These certificates are expensive, as the outside company that issues them must verify the recipient is who they represent themselves to be. For high-security servers (such as catalyst and catalystdev) that need encryption, TRG uses signed security certificates. If you ever get an error message about the certificate on one of these sites, be sure you let TRG know immediately (and don’t login unless TRG/DLC personnel have told you it’s OK).
For systems that require slightly less security, TRG may employ self-signed certificates. These certificates provide encryption so your username and password are not viewable to the outside world, but they also require the user to click a link acknowledging they are aware of the issue. Until fall of 2010, the “delta” system run by Distance Learning is an example of such a system.
Because modern web browsers are showing increasingly scary messages about this, TRG and DLC are in the process of phasing out the user of self-signed certificates.FAQs: Password Management < Security Certificates > Social Engineering and Scams