The difference between HTTP and HTTPS

Browsers address bar doesn’t often attract users attention. Unless you, for example, need to go through the link copied to the clipboard. Or sometimes we are checking the address bar to make sure we just did a right transition, especially in cases of quick redirection. But if we would check it at the end, then we would notice an unusual thing: there is a locker sign, the font color is different, and instead of the usual http:// we can see https://.
That can make you feel disappointed in some sense. So, to predict that, we will try to figure it out now!

Let’s start with the simple definitions.

HTTP — the Applied Data Transfer Protocol which is used for the obtaining data from the websites.

HTTPS — that is an extension of an HTTP protocol which supports SSL and TLS encryption.

So lets put them both together and let’s see a difference.

The difference between HTTP and HTTPS is already obvious from the definitions we have. HTTPS is not an independent Data Transfer Protocol, but it’s an HTTP encryption add-on. That is the main and key difference.

If the transferred through HTTP data is unprotected, HTTPS will provide an cryptographic security. That is highly important in cases where authorizations required: in payment systems, postal services, social networks, etc.

In a case, if data is not protected with SSL, an interceptor program that is launched, at a bad moment allows an attacker to use that data. What is not good at all! Technically, HTTPS implementation is a bit more complicated: for this, a secure website must have a server certificate that the user accepts or does not accepts. This certificate is installed on the server that handles the connection. The data received by the client, and the data received from him, are also encrypted. Encryption keys are used to verify what the client receives and provides.

Another technical difference between them is which ports are used to access HTTP and HTTPS. The first usually interacts with port 80, the second — with port 443. Administrators can open other ports for the same purpose, however, they would never be the same.

Conclusion

HTTP — is the data transfer protocol itself, HTTPS — is an extension of this protocol.
HTTPS is used for secure data communication via encryption.
HTTPS is also used for servers authorization that requires higher attention to the data security.
HTTP runs on port 80, HTTPS — on port 443.

Mary Cheba