Custom Search

Friday, July 25, 2008

Getting secured with https...

Most of the users who uses internet are hopefully aware about the protocol "http". This is very standard protocol used for the internet communication. Sometimes you might have even seen webpages which starts with "https". Why do we need https, when we already have http?

HTTP stands for HyperText Transport Protocol, which is just a fancy way of saying it's a protocol for information to be passed back and forth between web servers and clients. If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://. This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.

This is the reason why never ever give credit card or Net banking login information in http website. You never know when you may get hooked if you use "http" website.

But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on. HTTPS utilizes tcp/udp port 443 for encrypted web surfing via
SSL (Secure Sockets Layer) or the more recent TLS (Transport Layer Security) protocols. HTTPS provides for reasonably secure bi-directional encrypted communication on the Internet.

Almost all the mail services use https protocol. Eg:
gmail, yahoo.. But "https" is little slower than "http" protocol. The reason is that it has to decrypt all the data.

No comments: