Hypertext Transfer Protocol (http) is a system for transmitting and receiving information over the Internet. Http works as a request and response procedure followed by all Internet agents so that information can be spread quickly, easily and accurately between the servers that store the information and the clients that try to access it. Http is commonly used to access html pages, but other functions can be used through http as well. In many cases, clients may be exchanging sensitive information with a server, which must be protected from unauthorized access. For this reason, Netscape Corporation developed https, or secure http, to enable secure transactions and authorization.
Https or secure http.
In many ways, https is identical to http, because it follows the same basic protocols. The http or https client, such as a web browser, establishes a connection to a server on a standard port. When a server receives a request, it returns a status and a message, which can contain the requested information or indicate an error if part of the process is not working correctly. Both systems use the same Uniform Resource Identifier (URI) scheme, so resources can be universally identified. The use of https in a URI scheme instead of http indicates that an encrypted connection is desired.
Http is not encrypted.
However, there are some key differences between http and https, starting with the default port, which is 80 for http and 443 for https. Https works by passing normal http interactions through an encrypted system, so in theory, no one but the client and the end server can access the information. There are two common types of encryption layers: Transport Layer Security (TLS) and Secure Sockets Layer (SSL), which encrypt the data records that are exchanged.
When using an https connection, the server responds to the initial connection by offering a list of supported encryption methods. In response, the client selects a connection method, and the client and server exchange certificates to authenticate their identities. After doing this, both parties exchange the encrypted information after making sure that they both use the same key and the connection is closed. To host https connections, a server must have a public key certificate, which embeds key information with verification of the identity of the key owner. Most certificates are third-party verified so customers can be sure the key is secure.
Https is used in many situations, such as bank login pages, forms, corporate logins, and other applications where data needs to be protected. However, if not implemented correctly, https is not foolproof, and therefore it is extremely important that end users be careful about accepting questionable certificates and be cautious with their personal information when using the Internet.
The http or https client, such as a web browser, establishes a connection to a server on a standard port.
