Chapter 10 Question 14

14. How is encryption used to protect data sent to Web sites?

A security certificate installed on the server provides a private-public key pair that browsers know how to implement. The public key is sent from the server to the client browser. The client browser sends a new session key back to the server encrypted with the public key. This process establishes a session encryption that cannot be broken if the message is intercepted. Hence, any data sent by the client browser is safe from interception or alteration while it is being transferred to the server.