Root certificates

Secure Internet transactions are based on Web sites identifying themselves with digital IDs known as certificates. For a Web site's certificate to be widely recognized as valid it should be issued by an established certifying authority (CA). Dozens of CAs have been established since they first came into existence. Each CA has its own certificate, which contains its digital ID or signature. Web browsers come with a pre-installed list of CAs that they trust to vouch for the identity of Web sites. When the Web site presents your browser with a certificate signed by one of these CAs, the browser will look up the authority's signature in its predefined list.

If the browser finds the signature and it matches, it will allow the SSL session to continue.

If the CA is not listed, or the signature for a listed CA does not match, the browser will display a dialog box indicating the certificate authority has expired. A CA or root certificate works like a credit card, which is only valid for a limited period and expires on a certain date. When a credit card expires, the issuing credit card company revokes the old card and issues a new card to the customer. Certificate authorities work similarly by issuing a CA certificate for a limited period of time and issuing another one when it expires.

If you do see the dialog box, click the appropriate box to continue with the EFILE session. The secure socket layer session that secures your transaction with our site is not affected. All information sent between the browser and the Web site server will still be encrypted. However, you should upgrade your browser to the most recent version as soon as possible.

The effected browsers are:

• Netscape Communicator 4.05 and earlier versions
• Microsoft Internet Explorer 4.01 for Macintosh and earlier versions.