HTTP is Hyper Text Transport Protocol and is transmitted over the wire via PORT 80(TCP). You normally use HTTP when you are browsing the web, its not secure, so someone can eavesdrop on the conversation between your computer and the web server.
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a Web protocol developed by Netscape and built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm,new-age browsers use 128-bit key size which is more secure than the former, it is considered an adequate degree of encryption for commercial exchange.HTTPS is normally used in login pages, shopping/commercial sites.
Although it may be encrypted does not mean its safe, there are tools out there to decrypt the information being sent over the wire, although its more difficult to do so.
No comments:
Post a Comment