Very serious question. Can someone explain SSL to me like I'm in kindergarten? I'd like to learn more about it. I'm assuming that it's a security feature that GH should have.
Caveat: I don't claim to really understand this stuff, but here's what SSL/TLS (Secure Sockets Layer/Transport Security Layer) lets you do:
I want to accomplish two things: 1) verify that messages sent from geekhack.org are actually sent from geekhack.org (and not someone pretending to be), and 2) encrypt messages sent between the server and me. Number 2) means that if I submit my password and someone intercepts my message, all they see are "random" characters, not my actual password. Actually, they shouldn't even know that I submitted my password at all. SSL/TLS lets me accomplish both of these.
First, someone called a Certificate Authority issues an SSL certificate to geekhack.org. When I initiate a connection, geekhack.org sends me this special certificate, which I then send back to the Certificate Authority to "verify" that geekhack.org is who they say they are. Due to some crypto magic that I won't go into, it's not possible for someone else to fake this certificate. This gets me 1) above.
Since I now know that geekhack.org is who they say they are, we exchange a set of keys that we will use to encrypt further traffic. This uses something called Public Key Cryptography. The basic idea is that I generate a public key and a private key. I send you my public key, which is kind of like a thing that takes some text and outputs some garbled text. The trick is that you can't get back the original text unless you have the private key. So you send me the encrypted message, and I use my private key to turn it back into the actual message you wanted me to receive. So I use the server's public key to encrypt messages I send it, and it uses my public key to encrypt messages it sends back. This gets me 2) above.
Corrections welcomed. If this didn't make sense, CPT, feel free to ping me on Skype.
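The two goals from the reply above, sketched as an added example that is not part of the original thread: a signed certificate that cannot be altered without detection, and messages encrypted to each side's public key. It uses textbook RSA with small constructed keys (insecure, illustration only) and assumes the client already holds the CA's public key; all names and keys are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def make_keypair(p, q):
    """Textbook RSA from two primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)       # only the private key can make this

def verify(data, signature, public):
    n, e = public
    return pow(signature, e, n) == digest(data, n)

def encrypt(message, public):
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)                     # the "garbled text"

def decrypt(ciphertext, private):
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def cert_body(name, public):
    return f"{name}|{public[0]}|{public[1]}".encode()

def cert_is_valid(cert, ca_public):
    return verify(cert_body(cert["name"], cert["key"]), cert["sig"], ca_public)

# Constructed toy keys built from Mersenne primes (far too small for real use).
CA_PUB, CA_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
SERVER_PUB, SERVER_PRIV = make_keypair(2**61 - 1, 2**127 - 1)
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**31 - 1, 2**521 - 1)

# Goal 1: the CA signs the binding between the site name and the site's key.
CERT = {"name": "geekhack.org", "key": SERVER_PUB}
CERT["sig"] = sign(cert_body(CERT["name"], CERT["key"]), CA_PRIV)

if __name__ == "__main__":
    print("genuine cert valid:", cert_is_valid(CERT, CA_PUB))
    print("swapped-key cert valid:", cert_is_valid(dict(CERT, key=CLIENT_PUB), CA_PUB))
    # Goal 2: anyone can encrypt to the server, only the server can decrypt.
    print(decrypt(encrypt(b"my password", SERVER_PUB), SERVER_PRIV))
```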