Wednesday, April 27, 2005

Authentication and encryption

Authentication is a mechanism to verify the identity of the person or server you are communicating with. For example, when you log into your email account, you are challenged to provide your username and password to verify your identity. This is an example of one-way authentication. Authentication mechanisms vary: you can use passwords, server-side certificates (like the ones issued by Verisign), and so on. Two-way authentication, or mutual authentication, is performed when both parties check each other's credentials before exchanging data. It is usually achieved using client-side and server-side certificates and is usually performed for server-to-server communication.

Encryption is the mechanism to mangle your conversation (or data) so that it only makes sense to the recipient. There are various ways to encrypt data. Encrypted data is transferred over the World Wide Web using SSL (HTTPS).

Whenever you start an SSL session with a website, the browser first checks the certificate on the server to ensure that it is really the server it is claiming to be. If either the certificate name and the server name don't match or the certificate has expired, the browser will usually pop up a dialog box informing you of the problem and asking whether you still want to accept the certificate.


Copyright Anand Jain 2004, 2005. All rights reserved.