Basic Computer Security/Web Security/HTTP HTTPS and SSL

From Wikibooks, open books for an open world
Jump to: navigation, search
Padlock


Introduction[edit]

HTTP, or Hypertext Transfer Protocol is an application protocol used by most webservers and web browsers. HTTP is used to transfer HTML (Hypertext Markup Language, essentially the language of the Internet) between servers and clients. HTTPS, or Hypertext Transfer Protocol Secure is a variation of the standard HTTP, in which the connection is layered with SSL, which stands for Secure Sockets Layer.

About HTTPS and SSL[edit]

HTTPS works by layering SSL over a standard HTTP connection, thus resulting in a more secure connection to the Internet. While other ways of securing an HTTP connection exist, such as SHTTP, HTTPS is by far the most well-known and widely used protocol. TSL, and its predecessor SSL are crytographic protocols used for securing communications over the Internet. SSL is not only used in web browsing, but also in email, IM, and VoIP programs as well.

What It Means[edit]

These additional security protocols usually ensure that information cannot be read or intercepted before it reaches its destination. Use of a secure connection can usually be denoted by a lock icon in the address bar, or "https://" instead of "http://" preceding a URL. Use of secure connections is common for online shopping websites and websites that require personal information or financial/credit card information.


Return to the Main Page