HTTPS

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet.^[1]^[2] In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS,^[3] or HTTP over SSL.

The principal motivations for HTTPS are authentication of the accessed website and protection of the privacy and integrity of the exchanged data while it is in transit. It protects against man-in-the-middle attacks, and the bidirectional block cipher encryption of communications between a client and server protects the communications against eavesdropping and tampering.^[4]^[5] The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates. This was historically an expensive operation, which meant fully authenticated HTTPS connections were usually found only on secured payment transaction services and other secured corporate information systems on the World Wide Web. In 2016, a campaign by the Electronic Frontier Foundation with the support of web browser developers led to the protocol becoming more prevalent.^[6] HTTPS is now used more often by web users than the original, non-secure HTTP, primarily to protect page authenticity on all types of websites, secure accounts, and keep user communications, identity, and web browsing private.

^ "Secure your site with HTTPS". Google Support. Google Inc. Archived from the original on 1 March 2015. Retrieved 20 October 2018.
^ "What is HTTPS?". Comodo CA Limited. Archived from the original on 12 February 2015. Retrieved 20 October 2018. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP [...]{{cite web}}: CS1 maint: unfit URL (link)
^ "https URI Scheme". HTTP Semantics. IETF. June 2022. sec. 4.2.2. doi:10.17487/RFC9110. RFC 9110.
^ "HTTPS Everywhere FAQ". 8 November 2016. Archived from the original on 14 November 2018. Retrieved 20 October 2018.
^ "Usage Statistics of Default protocol https for Websites, July 2019". w3techs.com. Archived from the original on 1 August 2019. Retrieved 20 July 2019.
^ "Encrypting the Web". Electronic Frontier Foundation. Archived from the original on 18 November 2019. Retrieved 19 November 2019.

[1] "Secure your site with HTTPS". Google Support. Google Inc. Archived from the original on 1 March 2015. Retrieved 20 October 2018.

[2] "What is HTTPS?". Comodo CA Limited. Archived from the original on 12 February 2015. Retrieved 20 October 2018. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP [...]{{cite web}}: CS1 maint: unfit URL (link)

[3] "https URI Scheme". HTTP Semantics. IETF. June 2022. sec. 4.2.2. doi:10.17487/RFC9110. RFC 9110.

[httpse-4] "HTTPS Everywhere FAQ". 8 November 2016. Archived from the original on 14 November 2018. Retrieved 20 October 2018.

[5] "Usage Statistics of Default protocol https for Websites, July 2019". w3techs.com. Archived from the original on 1 August 2019. Retrieved 20 July 2019.

[6] "Encrypting the Web". Electronic Frontier Foundation. Archived from the original on 18 November 2019. Retrieved 19 November 2019.

[1]

[2]

[3]

[4]

[5]

[6]