Science Fair Project Encyclopedia
HTTPS is the secure version of HTTP, the communication protocol of the World Wide Web. It was invented by Netscape Communications Corporation to provide authentication and encrypted communication and is used in electronic commerce.
Instead of using plain text socket communication, HTTPS encrypts the session data using either a version of the SSL (Secure Socket Layer) protocol or the TLS (Transport Layer Security) protocol, thus ensuring reasonable protection from eavesdroppers, and man in the middle attacks. The default TCP/IP port of HTTPS is 443.
In web pages that use HTTPS, the URL begins with 'https://' rather than 'http://'.
A common misconception among credit card users on the Web is that HTTPS "fully" protects their transaction when submitting a card purchase, when in reality it only encrypts their card information between their browser and the receiving Web server. At that point, their card information is typically stored in a server database (often not even immediately transmitted to a credit card processor), and it is the server and database that is usually attacked and compromised by unauthorized users.
- Technical Descriptions of Secured HTTP
- Technical specification of HTTP over TLS (RFC 2818)
- SSL/TLS Strong Encryption: An Introduction from the Apache HTTP Server Version 2.0 Documentation
The contents of this article is licensed from www.wikipedia.org under the GNU Free Documentation License. Click here to see the transparent copy and copyright details