Security: About SSL and logon problems

The exchange of patient and donor data between your browser and BMDW is secure; security is ensured by password protection and the Secure Sockets Layer (SSL) protocol. See also the WWW Security FAQ.

The Secure Sockets Layer (SSL)

BMDW uses the secure protocol SSL for WWW downloads and for the on-line match programs. With this protocol all data that is transmitted from your browser to the BMDW server, and from the BMDW server to your browser, is encrypted. This means that your password and all medical data are protected. After the secure connection has been set up you will see that, in Netscape, the key in the lower left-hand corner of your screen is no longer broken, or in Internet Explorer there is a lock in the lower right corner of the status bar.

How secure is it?

BMDW uses 256-bit keys for the SSL encryption. To explain what this means and how secure this is, we quote Jon Callas, the CTO of PGP Corporation:

Modern cryptographic systems are essentially unbreakable, particularly if an adversary is restricted to intercepts. We have argued for, designed, and built systems with 128 bits of security precisely because they are essentially unbreakable. It is very easy to underestimate the power of exponentials. 2^128 is a very big number. Burt Kaliski first came up with this characterization, and if he had a nickel for every time I tell it, he could buy a latte or three.

Imagine a computer that is the size of a grain of sand that can test keys against some encrypted data. Also imagine that it can test a key in the amount of time it takes light to cross it. Then consider a cluster of these computers, so many that if you covered the earth with them, they would cover the whole planet to the height of 1 meter. The cluster of computers would crack a 128-bit key on average in 1,000 years.

If you want to brute-force a key, it literally takes a planet-ful of computers. And of course, there are always 256-bit keys, if you worry about the possibility that government has a spare planet that they want to devote to key-cracking.

Logon problems due to SSL

A firewall or proxy server that secures and/or filters the communication between you and the outside world, the internet, may cause logon problems. Secure-HTTP (SSL-encrypted) traffic passes through port 443 in the firewall or proxy server, and this port is often closed. When port 443 is blocked, you do not get a username/password dialogue and your browser returns an error.

To solve this problem, ask the person in charge of the firewall or proxy server to open the Secure-HTTP (or SSL) port 443.

Did you encounter a dialog box stating 'Certificate Authority Is Expired' when you tried to access one of our secure pages? Simply click Continue: the SSL session that secures your transaction with our site is not affected. You can avoid the dialog box in the future by upgrading your browser. Server certificates enable SSL encryption with hundreds of different Web browsers and Web servers. There is a minor user interface error with Netscape Communicator versions 4.05 and earlier and Microsoft Internet Explorer 4.01 for Macintosh, which include a component called a root CA certificate that is set to expire at the end of 1999. Users of these older browsers will experience an additional dialog box when connecting securely with our site after January 1, 2000.
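To tell the two problems above apart (port 443 blocked versus a certificate warning), the following Python sketch reports at which stage a secure connection fails. It is an added example, not BMDW software; the function name diagnose and the stage labels are illustrative, and it assumes a direct connection (it does not go through an explicitly configured proxy).

```python
import socket
import ssl
import sys


def diagnose(host, port=443, timeout=5.0):
    """Return (stage, detail): how far a direct HTTPS connection to host gets."""
    # Stage 1: plain TCP. A closed or filtered port 443 fails here, before
    # any SSL/TLS traffic or password dialogue is possible.
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror as exc:
        return ("dns", f"cannot resolve {host}: {exc}")
    except OSError as exc:  # refused, timed out, unreachable
        return ("tcp", f"port {port} not reachable, check firewall/proxy: {exc}")

    # Stage 2: handshake with certificate and hostname verification enabled.
    ctx = ssl.create_default_context()
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return ("ok", f"{tls.version()} with {tls.cipher()[0]}")
    except ssl.SSLCertVerificationError as exc:
        # Expired or untrusted CA/server certificate, or a name mismatch.
        return ("certificate", exc.verify_message)
    except (ssl.SSLError, OSError) as exc:
        # Port is open but the peer did not complete the handshake, e.g. a
        # device answering in plain HTTP or resetting the connection.
        return ("tls", str(exc))
    finally:
        raw.close()


if __name__ == "__main__":
    # Usage: python diagnose.py <hostname of the secure site>
    stage, detail = diagnose(sys.argv[1])
    print(f"{stage}: {detail}")
```

A result of "tcp" is the blocked-port case to raise with the person in charge of the firewall or proxy server; "certificate" means the connection reached the server and the problem lies in the certificate chain or the local trust store.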

BMDW - Bone Marrow Donors Worldwide * Plesmanlaan 1b * 2333 BZ Leiden * The Netherlands