Options
kimbersoft.com Study Workshop MS Love and the Soul
Study 7LiberalArts Library Software Technologies WWW Technical Fast Track
Technical Fast Track Today Tomorrow
Tomorrow 1 Knowledge Management Browsers Cookie .htaccess HTTPS Servers Sites and Spiders
2 Hardware Software Programming Languages Networking Operation Systems
3 Analytics Search Engines Developer Resources
RFC 2818: HTTP Over TLS
RFC 5246: The Transport Layer Security Protocol 1.2
from Wikipedia
HTTPS (also called HTTP over TLS, HTTP over SSL, and HTTP Secure) is a protocol for secure communication over
a computer network which is widely used on the Internet.
HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport
Layer Security or its predecessor, Secure Sockets Layer.
The main motivation for HTTPS is authentication of the visited website and protection of the privacy and
integrity of the exchanged data.
In its popular deployment on the internet, HTTPS provides authentication of the website and associated web server
with which one is communicating, which protects against man-in-the-middle attacks.
Additionally, it provides bidirectional encryption of communications between a client and server, which protects
against eavesdropping and tampering with and/or forging the contents of the communication.
In practice, this provides a reasonable guarantee that one is communicating with precisely the website that
one intended to communicate with (as opposed to an impostor), as well as ensuring that the contents of communications
between the user and site cannot be read or Workshopd by any third party.
Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail
and for sensitive transactions in corporate information systems.
In the late 2000s and early 2010s, HTTPS began to see widespread use for protecting page authenticity on all
types of websites, securing accounts and keeping user communications, identity and web browsing private.
from Wikipedia
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an
electronic document used to prove the ownership of a public key. The certificate includes information about the key,
information about the identity of its owner (called the subject), and the digital signature of an entity that has
verified the certificate's contents (called the issuer). If the signature is valid, and the software examining the
certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject.
In email encryption, code signing, and e-signature systems, a certificate's subject is typically a person or
organization. However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other
device, though TLS certificates may identify organizations or individuals in addition to their core role in
identifying devices. TLS, sometimes called by its older name Secure Sockets Layer (SSL), is notable for being a part
of HTTPS, a protocol for securely browsing the web.
In a typical public-key infrastructure (PKI) scheme, the certificate issuer is a certificate authority (CA),
usually a company that charges customers to issue certificates for them. By contrast, in a web of trust scheme,
individuals sign each other's keys directly, in a format that performs a similar function to a public key certificate.
The most common format for public key certificates is defined by X.509. Because X.509 is very general, the
format is further constrained by profiles defined for certain use cases, such as Public Key Infrastructure (X.509)
as defined in RFC 5280.
© Copyright 2021 kimbersoft.com . Terms of Service . Privacy Policy