HTTP (Hypertext Transfer Protocol)
- transfer hypertext data
- port: 80
HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer)
- Secures the requested webpage and data
- But the transfer speed is slower
- Port: 443
SSL (Secure Sockets Layer)
- Encryption: Hiding what is sent from one computer to another
- Computers agree on how to encrypt
- Server sends a certificate
- Client’s computer says “start encrypting”
- This step has 3 messages
- Client key exchange: Both computers calculate a master secret code
- Change cipher spec: the client’s computer asks the server to encrypt
- Finished: let’s start now
- The server says “start encrypting”
- This step has 2 messages
- Change cipher spec: I’m going to send encrypted messages now
- finished: let’s go
- This message gets encrypted
- All messages are now encrypted
- They will look like garbage to anyone else
- Identification: Making sure the computer you are speaking to is the one you trust
- 1. Company asks CA (Certificate Authority) for a certificate
- The company asks CA for a certificate
- The web server
- What the company is
- Where it is located
- Certificate Authority checks correctness and authenticity of company
- 2. CA creates certificate and signs it
- 3. Certificate installed in server
- The company will run a web server
- The certificate is installed into this server
- The web server is configured to use the certificate
- 4. Browser issued with root certificates
- You can check installed certificate authorities on your computer.
- On my computer (Mac), I can check with the Keychain Access application
- 5. Browser trusts correctly signed certs
- Client’s computer has public key of the certificate authority
- When it receives a certificate, it will verify the encrypted signature of the certificate with the public key.
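
Added example (not part of the original notes): identification steps 2, 4 and 5 as runnable Python, showing a CA signing a certificate and a browser checking it against its root store. The key is a constructed toy textbook-RSA key and the names (Example Root CA, shop.example and the other fields) are made up; real certificates use X.509, padded signatures and far larger keys.

```python
import hashlib

# Constructed toy CA key: textbook RSA over two Mersenne primes. Far too small
# and unpadded for real use; it only shows the sign/verify relationship.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
CA_N = P * Q                              # public modulus, shipped to browsers
CA_D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, stays with the CA

def digest(fields: dict, n: int) -> int:
    """Hash the certificate contents and reduce the hash below the modulus."""
    canonical = "|".join(f"{k}={fields[k]}" for k in sorted(fields))
    return int.from_bytes(hashlib.sha256(canonical.encode()).digest(), "big") % n

def ca_sign(fields: dict, issuer: str) -> dict:
    """Step 2: the CA creates the certificate and signs it with its private key."""
    return {"fields": dict(fields), "issuer": issuer,
            "signature": pow(digest(fields, CA_N), CA_D, CA_N)}

def browser_verify(cert: dict, root_store: dict, hostname: str) -> str:
    """Step 5: verify the signature with the CA public key already installed."""
    root = root_store.get(cert["issuer"])
    if root is None:
        return "reject: issuer not in root store"
    n, e = root
    if pow(cert["signature"], e, n) != digest(cert["fields"], n):
        return "reject: signature does not match certificate contents"
    if cert["fields"].get("web_server") != hostname:
        return "reject: certificate is for a different server"
    return "trusted"

# Step 4: the browser ships with root certificates (public keys only).
ROOT_STORE = {"Example Root CA": (CA_N, E)}

# Step 1: constructed certificate request (web server, company, location).
request = {"web_server": "shop.example", "company": "Example Shop Ltd",
           "location": "Exampleville"}
cert = ca_sign(request, "Example Root CA")

# Same signature, edited contents: the hash no longer matches what was signed.
tampered = {**cert, "fields": {**cert["fields"], "web_server": "other.example"}}

if __name__ == "__main__":
    print(browser_verify(cert, ROOT_STORE, "shop.example"))
    print(browser_verify(tampered, ROOT_STORE, "other.example"))
    print(browser_verify(cert, {}, "shop.example"))
    print(browser_verify(cert, ROOT_STORE, "bank.example"))
```

The browser never needs the CA's private key: anyone holding the public key can check a signature, but only the CA can produce one.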