We’ve talked about IP addresses and we have talked about servers, so we know a lot about the background of how the Internet functions. Today, we’re touching on a subject that you have experienced every time you surf the World Wide Web: HTTP.
HTTP – Hypertext Transfer Protocol – is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. When you enter a URL in a browser, it sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.
Hypertext Transfer Protocol Secure (HTTPS) is something you’ve probably seen when going to websites that have a higher level of security, such as banking sites or bill paying sites. Even Facebook has recently begun using HTTPS. HTTPS is a widely used communications protocol for secure communication over a computer network. Technically, it isn’t a protocol in itself, but rather a result of layering HTTP on top of TLS protocol.
Let’s back up and define TLS. Transport Layer Security is a set of cryptographic protocols that provide communication security over the Internet. The TLS is made up of two layers: the TLS Record Protocol and the TLS Handshake Protocol. Record Protocol is layered on top of a reliable transport protocol, such as TCP, and ensures that the connection in is private by using asymmetric data encryption. Handshake allows authentication between the server and the client and the negotiation of an encryption algorithm and cryptographic keys before the application protocol transmits or receives any data.