In today’s post we will see some of the differences between http and https; two protocols designed to transfer data between two computers through the World Wide Web:

HTTP

HTTPS

  • Stands for Hypertext Transfer Protocol.
  • Also known as Hypertext Transfer Protocol Secure .
  • It is a protocol used in a network system whereby two machines (client and server) communicate. The client requests information from the server, which responds in the form of a web page.
  • The https system is a combination of hypertext transfer protocol (https) and SSL / TLS protocol.
  • This protocol can be implemented on any other protocol on the Internet or other networks.
  • It is a more secure way to send requests to the server from the client. Thanks to the encryption, nobody can know what the request consists of.
  • Http doesn´t care how the data travels from Point A to Point B, or even if it moves at all.
  • Https differentiates one sender and one receiver from the others. SSL takes the data and encrypts it.
  • It does not require domain validation.
  • This protocol requires domain validation (some certificates even require validation of legal documents).
  • Both of them are stateless protocols, that is, the duration of a connection corresponds to a single request-response sequence in which each request is treated as a new one.
  • The first HTTP only had one method called GET, which requested a page from the server and the response was an HTML page. The latest version of HTTP defines nine request methods.

HTTP

  • In this case the URL starts with http: //

HTTPS

  • The URL starts with https: //. The browser usually adds an icon next to the URL to certify that it offers a secure connection.
  • The port used for communication is 80.
  • In the case of https, the port is 443.
  • There is no encryption. On certain websites where sensitive information is shared, it is too vulnerable.
  • Thanks to encryption offers greater security to access the content offered by the Internet because the data can only be seen by the client and the server.
  • Only the sender and the recipient know the “code” and can decrypt the message.
  • Does not require certificates
  • An SSL certificate is required.
  • It works at the application level (seventh layer) of the OSI Model, which is the highest layer.
  • Since it works at transport level it is done in a lower layer.
  • It offers greater speed. HTTP pages are stored on the computer and caches so that they load faster. In contrast, these systems are difficult to control.
  • Encryption and decryption imply a greater band consumption. Therefore, the speed is lower (it can be increased with http/2)

While it is true that https offers high levels of security, it is not immune. Without going into detail about the vulnerabilities, the high number of certificate authorities (many of which are unreliable) is a serious problem. In fact, certificates have been issued for pages that should never have had one.

Would the same thing happen with IC Tech?

Follow us on Twitter y LinkedIn to keep up-to-date with the latest news