HTTP Vs HTTPS - Why one should Care?

Until recently, HTTPS was used mainly by eCommerce sites, and only for specific pages such as payment and login pages. Google has since announced HTTPS as a ranking signal, so failing to adopt it could mean your ranking takes a hit.

And that would mean less traffic and less business.

So, first of all, what exactly does HTTP'S' mean?

HTTP stands for Hypertext Transfer Protocol, which enables communication (the exchange of messages) between different systems on the internet. It is used for transferring data from a web server to a browser to view a web page.

HTTP (note: no 's' on the end) data is not encrypted, so third parties can intercept it at the hops (routers) between the two systems and gather the data being transferred.

HTTPS is the secure version of HTTP and involves the use of an SSL certificate, where SSL stands for Secure Sockets Layer, which creates a secure encrypted connection between server and browser. It offers a base level of web security.



Using HTTPS, the two devices agree on a code between them and then scramble the messages using this code so that no one in between can read them. This code is used over the Secure Sockets Layer (SSL), whose modern successor is Transport Layer Security (TLS), to send messages back and forth. This keeps the messages safe from hackers and interceptors.

SSL certificates contain the computer owner's public key.

The owner shares the public key with anyone who needs it, and does so through the SSL certificate. Other users use this shared public key to encrypt messages to the owner. The owner does not share the private key with anyone.

HTTPS uses an asymmetric Public Key Infrastructure (PKI). PKI uses two keys to encrypt communication, known as the public key and the private key. Anything encrypted with the public key can only be decrypted by the private key.

As the names suggest, the private key should be kept strictly protected and should be accessible only by its owner. The private key remains securely ensconced on the web server. The public key is intended to be distributed to anybody and everybody. The recipient's public key is used to encrypt the message, and the recipient's private key is used to decrypt it.


Though the private and public keys are related mathematically, it is not feasible to calculate the private key from the public key. In fact, the clever part of any public-key cryptosystem lies in designing the relationship between the two keys.

This is all for the current entry. We will discuss the process of switching to HTTPS in the next entry.
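To make the key relationship concrete, here is an added example (not part of the original post) using textbook RSA in Python. The primes 61 and 53, the message 65 and all function names are constructed for illustration; keys this small offer no security, and real HTTPS also adds padding and far larger keys.

```python
# Added illustration: textbook RSA with tiny constructed primes. NOT secure.
import math

def make_keypair(p, q, e=17):
    """Build ((e, n), (d, n)) from two secret primes p and q."""
    n = p * q                      # public modulus
    phi = (p - 1) * (q - 1)        # computable only if p and q are known
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)            # private exponent: (e * d) % phi == 1
    return (e, n), (d, n)

def encrypt(m, public_key):
    """Anyone holding the public key can do this."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def decrypt(c, private_key):
    """Only the holder of the private key can undo encrypt()."""
    d, n = private_key
    return pow(c, d, n)

def private_from_public(public_key):
    """Derive d from (e, n) by factoring n with trial division.
    Works here only because n is 12 bits; the work grows with sqrt(n),
    which is why RSA keys in real certificates are typically 2048 bits
    or longer."""
    e, n = public_key
    p = next(f for f in range(3, math.isqrt(n) + 1, 2) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1)), n

if __name__ == "__main__":
    public, private = make_keypair(61, 53)   # constructed toy primes
    c = encrypt(65, public)
    print("public key :", public)
    print("ciphertext :", c)
    print("decrypted  :", decrypt(c, private))
    print("toy key factored:", private_from_public(public) == private)
```

The private exponent depends on the two primes, which the public key reveals only as their product; the last function succeeds solely because that product is tiny.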

Enjoy Reading!!

Comments

  1. Hi There,


    Interesting piece! Great to see someone write #topic who is not a fanatic or a complete skeptic.


    I enjoy reading the various AWS blogs and staying up to date with new offerings and best practices. I typically go to the root of the blog site and check the "Latest Posts" section at the bottom.

    It looks like the "Latest Posts" section stopped updating about 2 weeks ago on April 20th. It would be very helpful if this could be fixed since this was very useful.



    Excellent tutorials - very easy to understand with all the details. I hope you will continue to provide more such tutorials.

    Merci Beaucoup,
    Radhey

  2. Hey,


    In total awe…. So much respect and gratitude to you folks for pulling off such amazing blogs without missing any points on the HTTP Vs HTTPS - Why one should Care? . Kudos!


    This is my first time using AWS and I used EC2 to create 4 instances for some practice. I selected only free tier images to avoid incurring any cost. I accidentally created 1 instance that is not free and deleted it probably 1 or 2 days later. AWS Training






    Appreciate your effort for making such useful blogs and helping the community.


    Kind Regards,
    Ajeeth
