http vs. https (and SSL)

http (hypertext transfer protocol)

  • Transfers hypertext data
  • Port: 80

https (hypertext transfer protocol over secure sockets layer)

  • Secures the requested webpage and data
  • But the transfer speed is slower
  • Port: 443

SSL (Secure Sockets Layer)

  • Encryption: Hiding what is sent from one computer to another
    • Computers agree on how to encrypt
    • Server sends a certificate
    • Client’s computer says “start encrypting”
      • This step consists of 3 messages
        • Client key exchange: Both computers calculate a master secret code
        • Change cipher spec: Client’s computer is asking the server to encrypt
        • Finished: Let’s start now
    • The server says “start encrypting”
      • This step consists of 2 messages
        • Change cipher spec: I’m going to send encrypted messages now
        • Finished: Let’s go
      • This message gets encrypted
    • All messages are now encrypted
      • They will look like garbage to others
  • Identification: Making sure the computer you are speaking to is the one you trust
    • 1. Company asks CA (Certificate Authority) for a certificate
      • The company asks the CA for a certificate, telling it:
        • The web server
        • What the company is
        • Where it is located
      • The Certificate Authority checks the correctness and authenticity of the company
    • 2. CA creates certificate and signs it
    • 3. Certificate installed in server
      • The company will run a web server
      • The certificate is installed into this server
      • The web server is configured to use the certificate
    • 4. Browser issued with root certificates
      • You can check installed certificate authorities on your computer.
      • On my computer (Mac), I can check with the Keychain Access application
    • 5. Browser trusts correctly signed certs
      • Client’s computer has the public key of the certificate authority
      • When it receives a certificate, it will verify the encrypted signature of the certificate with the public key.
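
Identification steps 1 to 5 as a small runnable sketch. This is an added example, not part of the original notes. It uses textbook RSA with a toy key instead of a real X.509 certificate, and the CA name, company details and function names are assumptions made up for illustration.

```python
import hashlib

# Toy CA key pair: textbook RSA built from two known Mersenne primes.
# Constructed for illustration only; a real CA uses random keys and padding.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
CA_PUBLIC = (P * Q, E)
CA_PRIVATE = pow(E, -1, (P - 1) * (Q - 1))

def digest(body):
    """Hash the certificate fields (in a fixed order) to an integer."""
    data = "\n".join(f"{k}={body[k]}" for k in sorted(body)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ca_issue(request, issuer="Example Root CA"):
    """Step 2: the CA creates the certificate and signs it with its private key."""
    body = dict(request, issuer=issuer)
    return {"body": body, "signature": pow(digest(body), CA_PRIVATE, CA_PUBLIC[0])}

# Step 4: the browser is issued with root certificates (CA name -> public key).
ROOT_STORE = {"Example Root CA": CA_PUBLIC}

def browser_trusts(cert):
    """Step 5: check the signature with the issuing CA's public key."""
    key = ROOT_STORE.get(cert["body"].get("issuer"))
    if key is None:
        return False  # issuer is not one of the installed roots
    n, e = key
    return pow(cert["signature"], e, n) == digest(cert["body"])

# Step 1: constructed sample request (web server, company, location).
request = {"server": "www.example.com", "company": "Example Ltd",
           "location": "London, GB"}
cert = ca_issue(request)  # step 3 would install this on the web server

# Same signature, but one field changed after signing.
altered = {"body": dict(cert["body"], server="other.example.net"),
           "signature": cert["signature"]}
# Certificate naming a CA the browser has no root certificate for.
unknown = {"body": dict(cert["body"], issuer="Unknown CA"),
           "signature": cert["signature"]}

if __name__ == "__main__":
    for name, c in [("genuine", cert), ("altered", altered), ("unknown CA", unknown)]:
        print(f"{name}: trusted={browser_trusts(c)}")
```

Only the certificate signed by a CA in the root store, with every field unchanged since signing, is accepted.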

