Differences

This shows you the differences between two versions of the page.

--- products:ict:communications:internet:protocols:https [2024/03/13 14:04] – created wikiadmin
+++ products:ict:communications:internet:protocols:https [2024/03/13 14:12] (current) – wikiadmin
@@ Line 1: / Line 1: @@
+====== HTTPS (Hypertext Transfer Protocol Secure) ======
+HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP (Hypertext Transfer Protocol) that is used to secure communication over a computer network, typically the internet.
+. Overview:
+HTTPS is designed to provide a secure and encrypted communication channel between clients (such as web browsers) and servers.
+It uses SSL/TLS protocols to encrypt data transmitted between the client and the server, ensuring confidentiality and integrity of the exchanged information.
+HTTPS is widely used for securing sensitive data transmission, such as login credentials, financial transactions, and personal information.
+. Features:
+Encryption: HTTPS encrypts data using SSL/TLS protocols, preventing unauthorized interception and eavesdropping by third parties.
+Authentication: HTTPS provides server authentication, ensuring that clients are communicating with legitimate servers and not impostors.
+Data Integrity: HTTPS guarantees the integrity of data exchanged between the client and server, preventing tampering or modification during transmission.
+. SSL/TLS Protocols:
+HTTPS relies on SSL (Secure Sockets Layer) or its successor TLS (Transport Layer Security) protocols for encryption and authentication.
+SSL and TLS protocols establish a secure connection between the client and the server through a process of handshake, key exchange, and encryption.
+. Certificate Authorities (CAs):
+HTTPS requires the use of SSL/TLS certificates, which are issued by Certificate Authorities (CAs).
+SSL/TLS certificates contain cryptographic keys and identifying information about the server, providing assurance to clients about the server's authenticity.
+CAs play a crucial role in verifying the identity of entities requesting SSL/TLS certificates and ensuring the integrity of the certificate issuance process.
+. Public Key Infrastructure (PKI):
+HTTPS relies on PKI for managing SSL/TLS certificates and ensuring the security of cryptographic operations.
+PKI includes a hierarchical system of CAs, registration authorities, and certificate repositories for certificate issuance, validation, and revocation.
+. Handshake Process:
+When a client connects to a server over HTTPS, they engage in a handshake process to establish a secure connection.
+The handshake involves negotiating encryption algorithms, exchanging cryptographic keys, and verifying the server's identity through SSL/TLS certificates.
+. Performance Considerations:
+While HTTPS provides security benefits, it can introduce some overhead due to encryption and decryption processes.
+Efforts are made to optimize HTTPS performance through techniques like session resumption, TLS False Start, and server-side optimizations.
+. Mixed Content and HSTS:
+Mixed content refers to the inclusion of both secure (HTTPS) and non-secure (HTTP) resources on a web page, which can compromise security.
+HTTP Strict Transport Security (HSTS) is a mechanism that instructs web browsers to always use HTTPS for communicating with a website, mitigating the risks associated with mixed content.
+. Browser Support and Adoption:
+Major web browsers support HTTPS by default and display indicators (such as a padlock icon) to signify secure connections.
+The adoption of HTTPS has been encouraged by industry standards and initiatives, including Google's ranking boost for secure websites and browser warnings for non-secure HTTP connections.
+HTTPS is essential for ensuring the security and privacy of internet communications, particularly for sensitive transactions and data exchanges. Its widespread adoption has become a standard practice for securing websites and web applications against various security threats.
 [[https://www.cloudflare.com/learning/ssl/what-is-https/|What is HTTPS?]]