Introduction to HTTP and HTTPS
Tuesday, January 27, 2009
In basic ways, https connection is similar to http. Both follow and use the same basic protocols. The http and https user, such as web browsers establish a connection to a server using a standard port. When a server is contacted by the browser, it will return with the requested information or presnt an error if the process is partly malfunctioned. Both http and https use the same URI (Uniform Resource Identifier) scheme.
HTTP is Hyper Text Transfer Protocol. it is a protocol used in transferring the documents from WWW.This protocol is light and can be used in various types of document. The development project of HTTP was coordinated by W3C and a working groups such as IETF. The HTTP client such as Web Browser usually start to make a request of TCP / IP connection to a particular port on the remote host. The port is usually port 80. An HTTP server which listen in the port waites for the client browser to send arequest. This request is followed by a MIME message that has some of the code that explains aspects of the information request from the page.
HTTPS: is Hyper Text Transfer Protocol over Secure socket layer. It is a secure version of the HTTP connection. HTTPS was found by Netscapes Corporation in providing authenticated communication which has a password. Beside using communication in Plain Text, HTTPS provides session data using protocol of SSL (Secure Socket Layer) or protocol of TLS (Transport Layer Security). The two protocols provides adequate protection from attacks. Generally, HTTPS port is 443.
The basic differences between http and https, however, is the usage of a default port. Port 80 is for http while port 443 is for https. Actually, Https connection works by transmitting the normal http through an encrypted system. There fore, the information transmitted will be hard accessed by any party other than the client and end server themselves. There are two types of encription. They are Transport Layer Security (TLS) and Secure Sockets Layer (SSL). Both layer encode the data records which is being exchanged.
Commonly, Https connection is used in many situations, such as log-in pages for banking, forms, corporate log on, and other applications. All the applications needs to secure the data. However, if the https is not implemented properly, it is not infallible. There is misunderstandings that often occur on many credit card holder who thinks that a HTTPS website is fully protecting their transactions. In fact, HTTPS is only making encryption of the information from their cards to their browser with a web server that receives the information. On the web server, the card information is typically stored in data base server. Sometimes it is not sent directly to the credit card processor. This database server is the most frequently targeted attack by the third parties. Therefore it is extremely important for the card holder and other end user to be wary about accepting questionable certificates and cautious and do carefully in giving the personal information while using the Internet.
HTTP is Hyper Text Transfer Protocol. it is a protocol used in transferring the documents from WWW.This protocol is light and can be used in various types of document. The development project of HTTP was coordinated by W3C and a working groups such as IETF. The HTTP client such as Web Browser usually start to make a request of TCP / IP connection to a particular port on the remote host. The port is usually port 80. An HTTP server which listen in the port waites for the client browser to send arequest. This request is followed by a MIME message that has some of the code that explains aspects of the information request from the page.
HTTPS: is Hyper Text Transfer Protocol over Secure socket layer. It is a secure version of the HTTP connection. HTTPS was found by Netscapes Corporation in providing authenticated communication which has a password. Beside using communication in Plain Text, HTTPS provides session data using protocol of SSL (Secure Socket Layer) or protocol of TLS (Transport Layer Security). The two protocols provides adequate protection from attacks. Generally, HTTPS port is 443.
The basic differences between http and https, however, is the usage of a default port. Port 80 is for http while port 443 is for https. Actually, Https connection works by transmitting the normal http through an encrypted system. There fore, the information transmitted will be hard accessed by any party other than the client and end server themselves. There are two types of encription. They are Transport Layer Security (TLS) and Secure Sockets Layer (SSL). Both layer encode the data records which is being exchanged.
Commonly, Https connection is used in many situations, such as log-in pages for banking, forms, corporate log on, and other applications. All the applications needs to secure the data. However, if the https is not implemented properly, it is not infallible. There is misunderstandings that often occur on many credit card holder who thinks that a HTTPS website is fully protecting their transactions. In fact, HTTPS is only making encryption of the information from their cards to their browser with a web server that receives the information. On the web server, the card information is typically stored in data base server. Sometimes it is not sent directly to the credit card processor. This database server is the most frequently targeted attack by the third parties. Therefore it is extremely important for the card holder and other end user to be wary about accepting questionable certificates and cautious and do carefully in giving the personal information while using the Internet.
