Monday, 5 January 2015

Difference between HTTP and HTTPS

Acronym for
Hypertext Transfer Protocol
Hypertext Transfer Protocol Secure
It is the request response based application protocol in client-server model & is designed to work within the framework of Internet Protocol Suit.
It is a Secured version of HTTP to allow secure transactions. E.g. Net banking. It wraps the entire communication within SSL, thus, encryption starts before any data is sent.
Ports Used
This Protocol works on TCP/IP Port No. 80 or 8080
This Protocol Uses TCP/IP Port No.443 for data communication.
This Protocol is a stateless protocol and do not uses any encryption method.
HTTPS uses long term public and secret keys to exchange a short term session key to encrypt data flow between client and server.

Less Secure, Implementation of methods like TRACE, TRACK and DEBUG are considered potentially insecure because attackers can use them to gather information or bye pass security controls during attacks.
More Secure, It provides bidirectional encryption of data between client and server. This creates a secure channel over an insecure network.
In Browser

No comments:

Post a Comment