Let’s look in deep about the difference between HTTPS and HTTP.
HTTP:-
HTTP stands for HyperText Transfer protocol. This is the simple system to transfer the HTML files across internet. Http serves as a request and response procedure that all agents on the Internet follow so that information can be rapidly, easily, and accurately transferred between servers, which hold information, and clients, who are trying to access it.
HTTPS:-
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer or HTTP over SSL) is a Web protocol developed by Netscape and built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sub layer under its regular HTTP application layering.
Https is not a separate protocol, but refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) transport mechanism. This ensures reasonable protection from eavesdroppers and (provided it is implemented properly and the top level certification authorities do their job properly) man-in-the-middle attacks.
Now we can talk about use of both type of system of transferring the information. HTTP is used for day to day transmission of data where we need not to worry about the confidentiality of information. Like browsing internet, accessing Wikipedia etc.
HTTPS play very important role when we consider information security, as when we logon to any bank site, making online payment, login to any site like Facebook, Orkut etc. At that time HTTPS makes sure to encrypt all the information before sending across internet.
Never do any bank transaction or credit card related transaction if page does not have HTTPS:// in address bar.
The default TCP port of an https: URL is 443 (for unsecured HTTP, the default is 80). To prepare a web-server for accepting https connections the administrator must create a public key certificate for the web-server. These certificates can be created for Linux based servers with tools .This certificate must be signed by a certificate authority of one form or another, who certifies that the certificate holder is who they say they are. Web browsers are generally distributed with the signing certificates of major certificate authorities, so that they can verify certificates signed by them.
Difference between HTTPS and HTTP (HTTPS vs HTTP):-
1. HTTP is a simple protocol whereas HTTPS uses encryption.
2. HTTP has no authorization part whereas HTTPS first check the authorization.
3. HTTP uses port 80 whereas HTTPS uses port 443.
4. HTTP has no need of third party whereas HTTPS need third party for certification.
5. HTTP has direct information transfer whereas HTTPS takes many roundtrip before information transfer.
Post a Comment