Re: HTTPS

in reply to HTTPS

Short answer, main differences:

HTTPS supports encryption, so the information exchanged between (usually) the browser and the server is not intelligible by other parties;
HTTPS supports authentication, so the browser can make sure he's talking to the right server and not to a server that's pretending to have another identity. Vice-versa is also possible but rarely used.

HTTP connections are neither encrypted nor authenticated.

Long answer: check these results on google.

-- TMTOWTDI

Comment on Re: HTTPS

Replies are listed 'Best First'.
Re: Re: HTTPS by echo (Pilgrim) on Aug 16, 2001 at 20:25 UTC
not to nitpick, but... HTTP connections are neither encrypted nor authenticated Not true. HTTP supports optional authentication mechanisms, and RFC 2617 covers two of them: Basic authentication and Digest authentication. Whether you trust the former, or whether your current browser implements the latter, is of course another story ;)	[reply]
Re: Re: Re: HTTPS by trantor (Chaplain) on Aug 17, 2001 at 10:01 UTC
You're talking about a protocol feature that allows a client to submit a username/password pair to the server. I was talking about the underlying SSL mechanism that allows a client to verify the server's identity using certificates (very simplified). -- TMTOWTDI	[reply]

In Section Seekers of Perl Wisdom