ChatGPT解决这个技术问题 Extra ChatGPT

Difference between HTTPS and SSL

What is the difference between HTTPS and SSL? I read about them and found following:

HTTPS: HTTPS is a combination of HTTP with SSL/TLS. It means that HTTPS is basically HTTP connection which is delivering the data secured using SSL/TLS.

SSL: SSL is a secure protocol that works on the top of HTTP to provide security. That means SSL encrypted data will be routed using protocols like HTTP for communication.

I am wondering where is the difference between these two? Or both are identical?

You may be interested in this similar question: security.stackexchange.com/q/5126/2435

A
Anders Lindahl

The explanation of SSL that you've found is wrong.

SSL (Secure Socket Layer) or TLS (Transport Layer Security) works on top of the transport layer, in your examples TCP. TLS can be used for more or less any protocol, HTTPS is just one common instance of it.

HTTP is an application layer protocol.

In regular, non-encrypted HTTP, the protocol stack can look like this:

HTTP

TCP

IP

Ethernet

When using HTTPS, the stack looks like this:

HTTP

TLS (SSL)

TCP

IP

Ethernet

Thanks Anders. So, it means that the HTTPS and SSL(when HTTP is used as Transport layer protocol) are same?
Not really, HTTP is an application protocol. I've updated my answer to clarify.
I got it. Thanks for the clarification.
"HTTPS is just on common instance of it" really helped solidify this for me!
For more depth on certificates and weakness of HTTPS, see the SO answers to stackoverflow.com/questions/856209/…
E
Eugene Mayevski 'Callback

HTTPS runs over SSL (as it's name suggests, HTTP-over-SSL), not SSL over HTTP. First SSL session is established, then all HTTP data are wrapped into secured SSL packets before sending and after receiving.

I got it. I didn't frame my query properly. Thanks.
B
Bucky Rat

SSL (Secure Sockets Layer) is a standard security technology to create an encrypted link between a server and a client. This link ensures that all data passed between the server and the client remain private and secure. It was designed to support protocols such as FTP, HTTP, TELNET.

Hypertext Transfer Protocol Secure (HTTPS) or “HTTP Secure,” is an application specific implementation that is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS. HTTPS is used to provide encrypted communication and secure identification of a server, so that no middle man can intercept the data easily.

As everything in HTTP is in plain text (or encoded) , it is used with SSL/TLS to encrypt it.

Found this link which explains SSL, TLS, HTTPS : http://nexsniper.blogspot.com/2017/11/what-is-ssl-tls-and-https.html

Thanks for the link, it was really helpful!

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now

HuntsBot,a one-stop outsourcing task, remote job, product ideas sharing and subscription platform, which supports DingTalk, Lark, WeCom, Email and Telegram robot subscription. The platform will push outsourcing task requirements, remote work opportunities, product ideas to every subscribed user with timely, stable and reliable.

简体中文 English

Platform

Support

Links

Contact US

Any questions or suggestions during use, you can contact us in the following ways:

Email: huntsbot@xinbeitime.com

Copyright© 2022-2023 www.huntsbot.com 浙ICP备2022000860号-4 All Rights Reserved.