An SSL, or Secure Socket Layer, is technology that has been developed that allows web browsers and web servers to communicate over a secured connection.

The system uses cryptography that uses two keys to encrypt data  a public key known to everyone and a private or secret key known only to the recipient of the message. It’s a way to encrypt data, like credit cards numbers (as well other personally identifiable information), which prevents the "bad guys" from stealing your information for malicious intent.

The recently introduced SSL v3 improved upon SSL v2 by adding SHA-1 based ciphers, and support for certificate authentication. SSL v2 was known to be flawed in a variety of ways. Identical cryptographic keys are used for message authentication and encryption. The older version did not have any protection for the handshake, meaning a Man-in-the-middle downgrade attack could go undetected.

SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL and is included as part of both the Microsoft and Netscape browsers and most Web server products. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

SSL-enabled client software can use standard techniques of public-key cryptography to check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the client's list of trusted CAs. Client authentication allows a server to confirm a user's identity. It’s a way to assure a client that they are dealing with the real server they intended to connect to. It can prevent any unauthorized clients from connecting to the server, preventing anyone from meddling with data going to or coming from the server.

From the very beginning SSL was designed to provide security between client and server, and to avoid any kind of 3-way man-in-the-middle attack.

Conceptually it’s quite simple: it negotiates the cryptography algorithms and keys between two sides of a communication, and establishes an encrypted tunnel through which other protocols (like HTTP) can be transported. It can also be easily passed through firewalls and proxies, as well as through NAT (Network Address Translation) without issues.

A part of web development is copywriting. Excellent copy means it has to be appealing to both readers and to search engines. This combination will help websites to rank highly. A problem occurs when there are space constraints to a site, page layout requirements or other issues.

Because appealing to both readers and search engines is so important, you don't want to sacrifice one for the other. Adding a big block of copy to the middle of a page may not be the best answer, however, if a page needs content, adding a couple of sentences to the bottom of each section is a good option. Your copy will still be readable and the additional content will appeal to the search engines.

There are some things to remember when writing content for a website.

• Web users are active. One click and they have left your site. If they don't see a reason to stay, they won't. There is a 10 - 15 second window available to capture a visitor's attention.
• The longer the text is, the less likely they are to read it. With long text, they will skim it, if they bother to read it at all.
• Web users don't believe in hype. If you want a web user to believe you and to believe in you, you must back up your claims.

Four questions must be answered on each page:

• What am I doing here?
• How do I do it?
• What's in it for me?
• Where can I go, next?

If your design and navigation isn't obvious, then you need to explain it in the copy. Most visitors will not take the time to figure this information out. If a first time visitor cannot find their way around your site, they will likely never come back.

Unless your visitors are expecting to read something on your page, don't expect that they will read more than one or two lines of copy.

Understanding your copy is as important as length. Don't make the copy so complicated that it is difficult to comprehend or make it so the customer will have to think about it because they won't.

What this means is you want to convey one key idea in just one or two lines. Don't try to add a third line because if you say too much, then even the first idea won't penetrate. If your site needs more content, break it down into sections that are one or two paragraphs each. Say what you want to say in the first sentence and then expand the thought into the paragraph. Use meaningful headers. Most people will only scan the headers to the paragraphs and not even bother with the copy on the page, unless it is something that appeal to them. It is better to write only one or two lines with links to another page with the longer copy.

Even when users are expecting to find text heavy content, don't expect they will take the time to read all of it. Longer copy doesn't have to be as abrupt as shorter text, but it needs to be as easy to read.

Make your copy clear, but not boring. Lively writing with an unassuming voice is best. Boring writing will turn your reader off and nothing you say at that point will make it through.

I've done quite a bit of research into web analytics lately, and I have found a couple of things. Google analytics Is a great tool, but it cannot be the only tool an organization relies on. Because it is a purely JavaScript based, it is unable to catch browsers that do not have JavaScript enabled, this includes the search engine robots, some hand held devices, as well as a percent of users that manually turn this off. That being said we need a tool to parse the log files from the server and to give us information about these users, as well as providing us with "on demand" stats where as Google's stats are next day. The server logs also contain a wealth of other information that we are collecting automatically, so we might as well take advantage of it.

I have come to the conclusion that we need to use Google Analytics but we also need a tool that reads the server logs. There are quite a variety of tools that would fill this need. Google recently purchased Urchin who's web analysis product runs Google analytics, costs about $3k and will work with the Google Mini, Urchin also gives the ability to read logs from server software other than IIS (like apache, the software used for open source applications) .

Urchin will be releasing another version shortly, and this will be the first release since the Google buyout. Another option is WebTrends Analytics it costs about $4k. It Like Urchin will read both IIS and Apache logs, and has a web interface for users. The last product is NetTracker, it runs about $4k for the software, and another grand for support. it was recently bought out by Unica. The administration of netTracker is not the smoothest, and the support seems to have declined on quality since the buy out.