HTTPS vs HTTP

HTTP stands for Hypertext Transfer Protocol. Which means, it is a protocol that we can use for transferring Hypertext datas. “S" in HTTPS stands for Over Secure Socket Layer. Intuitively, it’s secured HTTP protocol. HTTP sends data without encryption; hackers can easily eavesdrop data flowing between server and client.

HTTPS and SSL

HTTPS and SSL are not same concept as Internet and Web are not same. SSL protocol is more broad concept; HTTPS works on the SSL protocol.

SSL and TLS

Netscape developed SSL, but this term was redefined by IETF to TLS. However, no one cares and it is stilled called by SSL.

SSL Digital Certificate

Communication between client and server can be guaranteed by third person, and documented to SSL certificate. Right after client approaches server, server sends this certificate to client. Client examines whether is certificate is trustable and safe, then client processes next procedures. There we can earn benefits by SSL.

• Hide information from eavesdropper
• Client can determine if server is trustable or not
• Both can assure if communication was changed in the middle or not

Citation

http://opentutorials.org/course/228