What is the Difference Between http and https?
internet computers

Hypertext Transfer Protocol (http) is a system for transmitting and receiving information across the Internet. Http serves as a request and response procedure that all agents on the Internet follow so that information can be rapidly, easily, and accurately disseminated between servers, which hold information, and clients, who are trying to access it. Http is commonly used to access html pages, but other resources can be utilized as well through http. In many cases, clients may be exchanging confidential information with a server, which needs to be secured in order to prevent unauthorized access. For this reason, https, or secure http, was developed by Netscape corporation to allow authorization and secured transactions.

In many ways, https is identical to http, because it follows the same basic protocols. The http or https client, such as a Web browser, establishes a connection to a server on a standard port. When a server receives a request, it returns a status and a message, which may contain the requested information or indicate an error if part of the process malfunctioned. Both systems use the same Uniform Resource Identifier (URI) scheme, so that resources can be universally identified. Use of https in a URI scheme rather than http indicates that an encrypted connection is desired.

There are some primary differences between http and https, however, beginning with the default port, which is 80 for http and 443 for https. Https works by transmitting normal http interactions through an encrypted system, so that in theory, the information cannot be accessed by any party other than the client and end server. There are two common types of encryption layers: Transport Layer Security (TLS) and Secure Sockets Layer (SSL), both of which encode the data records being exchanged.

When using an https connection, the server responds to the initial connection by offering a list of encryption methods it supports. In response, the client selects a connection method, and the client and server exchange certificates to authenticate their identities. After this is done, both parties exchange the encrypted information after ensuring that both are using the same key, and the connection is closed. In order to host https connections, a server must have a public key certificate, which embeds key information with a verification of the key owner's identity. Most certificates are verified by a third party so that clients are assured that the key is secure.

Https is used in many situations, such as log-in pages for banking, forms, corporate log ons, and other applications in which data needs to be secure. However, if not implemented properly, https is not infallible, and therefore it is extremely important for end users to be wary about accepting questionable certificates and cautious with their personal information while using the Internet.

Related wiseGEEK articles
What Is TLS?
How Do I Encrypt Files?
What is Data Encryption?
What is Encryption Software?
How Can I Be Safe While Shopping Online?
What are Digital Signatures?
What is a URL?

Category
Internet and Computers

wiseGEEK features
Email this Article
Print this Article
Link to this Article
Comment on this Article
Add Page to Favorites
Suggest a Topic

Subscribe to wiseGEEK
RSS Feed
Twitter

Discuss this Article
55
Good article.
- anon64051
54
It's good information to get clear idea about HTTP and HTTPS. --Magukutti.
- anon62893
53
a nice article for beginner. helps in understanding the basic difference between http and https.
- anon62016
52
pretty good info about http and https. thanks for the author who provided this.
- anon61222
51
Very good information is posted here. But we are looking for a detailed description.
- anon60149
49
HTTPS encrypts the values that is sent during the postbacks, all the viewstate data will be in encrypted format. where as HTTP doesn't encrypt the postback values and will be in string format. Options for configuring different security level will be done in IIS or web server. Client may or may not have certificates. it depends on the web server security configuration. Correct me if am wrong :) mv kotekar Thank you.
- anon57538
47
I am still confuses with this. Should I know the functional difference between this two?

Thanks in advance. --Arvind

- anon55522
46
I want to know the actual functional or technical working of both HTTP and HTTPS, as well as the functional differences between them.

- anon54902
45
It's a good article. Gives basic information about http and https.
- anon54901
43
Very nice article.
- anon54389
42
A sweet, short and complete picture of the topic
- anon54125
41
Https works in the transport layer and http in the presentation layer.
- anon52981
39
It's a good article, giving basic information about http adn https. Nice work.
- anon52432
38
It's a good article.
- anon52177
37
It's really a very good answers. i am able to sort out all my queries. thanks.
- anon51502
36
Really nice answer.
- anon51061
35
It's a good article. it cleared my questions.

Thank you.

- anon50715
32
really good article! by sarath
- anon48859
31
It's really nice information.
- anon48629
30
nice article. it may be helpful to new comers. thanks anilaluvala
- anon47761
29
Very informative to understand the basic difference, which will help even a layman to have a nice idea. Rajesh
- anon47737
28
Nice article. Informative.
- anon47340
27
good article.
- anon44610
26
What are the advantages of https?
- anon44569
25
good article, nicely posted.
- anon43593
24
great, it's really a great article. i was just looking for this kind of article about difference between http and https. thanks
- anon43423
23
A more elaborate description should be post terms a user can understand.
- anon43254
22
Good one. I really want to know about secure connections over the web!
- anon42403
20
good one. really helps
- anon41587
19
Useful information -- Aparna
- anon41310
18
It really helps.
- anon40297
17
Great article!
- anon39763
15
in which layer of Model it differ?means network layer or presentation layer?
- anon38004
14
i am getting an issue when posting to a HTTP URL...i am using a https connetion in my code...

should it give an error ???

- anon37997
13
if https is secured then why do we use http
- anon37653
12
How can we create Https in web browsers

- anon35081
11
Most of the webmails like gmail, yahoo etc.. use secured http(https) but why rediff mail is not using secured one? Does it mean it is not at all secured?
- anon34595
10
What are the advantages of https?
- anon31538
5
It's a good article.. Giving basic information about http & https..
- anon15931
4
I want to know the actual functional or technical working of both HTTP and HTTPS, as well as the functional differences between them.
- praavin007
3
I want to know functional/technical difference between HTTP and HTTPS.
- anon5734

FREE: Subscribe to wiseGEEK
 
    learn more

our strict privacy policy ensures that your email address will be safe


Written by S.E. Smith
Last Modified: 08 February 2010

copyright © 2003 - 2010
conjecture corporation


home FAQ contact about testimonials terms privacy policy rss