Security: About SSL and logon problems
The exchange of patient- and donor-data between your browser and BMDW is secure; security is ensured by password-protection and the Secure Socket Layer (SSL) protocol. See also the WWW Security FAQ.
The Secure Socket Layer (SSL)
BMDW uses the secure protocol SSL for WWW-downloads and for the on-line match programs. With this protocol all data that is transmitted from your browser to the BMDW server, and from the BMDW server to your browser, is encrypted. This means that your password and all medical data are protected. After the secure connection has been set up you will see that, in Netscape, the key in the lower left-hand corner of your screen is no longer broken, or in Internet Explorer there is a lock in the lower right corner of the statusbar.
How secure is it?
BMDW uses 256-bit keys for the SSL encryption. To explain what this means and how secure this is, we refer to a quote from Jon Callas, the CTO of PGP corporation:
Logon problems due to SSL
A firewall or proxy server may secure and/or filter the communication between you and the outside world, the internet, and may cause logon problems. Secure-HTTP (SSL-encrypted) traffic passes through port 443 in the firewall or proxy server. This port is often closed. In this case, as a result of port 443 being blocked, you do not get a username / password dialogue and your browser will return an error.
To solve this problem, ask the person in charge of the firewall or proxy server to open the Secure-HTTP (or SSL) port 443.
Did you encounter a dialog box stating 'Certificate Authority Is Expired' when you tried to access one of our secure pages? Simply click Continue: the SSL session that secures your transaction with our site is not affected. You can avoid the dialog box in the future by upgrading your browser. Server certificates enable SSL encryption with hundreds of different Web browsers and Web servers. There is a minor user interface error with Netscape Communicator versions 4.05 and earlier and Microsoft Internet Explorer 4.01 for Macintosh, which include a component called a root CA certificate that is set to expire at the end of 1999. Users of these older browsers will experience an additional dialog box when connecting securely with your site after January 1, 2000.
BMDW - Bone Marrow Donors Worldwide * Plesmanlaan 1b * 2333 BZ Leiden * The Netherlands