Pages

Friday, October 17, 2008

Difference Between http and https

The main difference between http:// and https:// is -

It's all about keeping you secure, HTTP stands for HyperText Transport Protocol, which is just a fancy way of saying it's a protocol (a language, in a manner of speaking) for information to be passed back and forth between web servers and clients.

The important thing is the letter S which makes the difference between HTTP and HTTPS. The S (big surprise) stands for 'Secure'.

If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following:

http://. This means that the website is talking to your browser using the regular 'unsecure' language.

In other words, it is possible for someone to 'eavesdrop' on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.

This is why you never ever ever enter your credit card number in an http website!

But if the web address beg ins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.

You understand why this is so important, right?

If a website ever asks you to enter your credit card information, you should automatically look to see if the web address begins with https://. If it doesn't, there's no way you're going to enter sensitive information like a credit card number!

http VS https

Check out the Tigerair http://www.tigerairways.com/home/and Jetstar airways http://www.jetstar.com/3k/index.html both when come to booking the ticket and keying the personal information, it'll show
https://booking.tigerairways.com/skylights/cgibin/skylights
and https://jetstar.com/skylights/cgi-bin/skylights.cgi

SO it is safe to do that booking.... pls remember when you buy any thing online make sure passing your information on the website showing https, REPEAT, https........ don't doing anything that is without the 's'.

WISHING YOU READERS HAPPY & SAFE ONLINE SHOPPING!

REFERENCES:

Hypertext Transfer Protocol (HTTP) is a communications protocol for the transfer of information on the Internet. Its use for retrieving inter-linked text documents (hypertext) led to the establishment of the World Wide Web.
HTTP development was coordinated by the World Wide Web Consortium and the Internet Engineering Task Force (IETF), culminating in the publication of a series of Request for Comments (RFCs), most notably RFC 2616 (June 1999), which defines HTTP/1.1, the version of HTTP in common use.
HTTP is a request/response standard between a client and a server. A client is the end-user, the server is the web site. The client making a HTTP request - using a web browser, spider, or other end-user tool - is referred to as the user agent. The responding server - which stores or creates resources such as HTML files and images - is called the origin server. In between the user agent and origin server may be several intermediaries, such as proxies, gateways, and tunnels. HTTP is not constrained to using TCP/IP and its supporting layers, although this is its most popular application on the Internet. Indeed HTTP can be "implemented on top of any other protocol on the Internet, or on other networks. HTTP only presumes a reliable transport; any protocol that provides such guarantees can be used."
Typically, an HTTP client initiates a request. It establishes a Transmission Control Protocol (TCP) connection to a particular port on a host (port 80 by default; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for the client to send a request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested file, an error message, or some other information.
(Refer to: http://en.wikipedia.org/wiki/HTTP)

Hypertext Transfer Protocol over Secure Socket Layer or HTTPS is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP. This system was designed by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the World Wide Web for security-sensitive communication such as payment transactions and corporate information systems.
(Refer to http://en.wikipedia.org/wiki/Https)