Hypertext Transfer Protocol (http) is a system for transmitting and receiving in

formation across the Internet. Http serves as a request and response procedure t
hat all agents on the Internet follow so that information can be rapidly, easily
, and accurately disseminated between servers, which hold information, and clien
ts, who are trying to access it. Http is commonly used to access html pages, but
other resources can be utilized as well through http. In many cases, clients ma
y be exchanging confidential information with a server, which needs to be secure
d in order to prevent unauthorized access. For this reason, https, or secure htt
p, was developed by Netscape corporation to allow authorization and secured tran
sactions.
In many ways, https is identical to http, because it follows the same basic prot
ocols. The http or https client, such as a Web browser, establishes a connection
to a server on a standard port. When a server receives a request, it returns a
status and a message, which may contain the requested information or indicate an
error if part of the process malfunctioned. Both systems use the same Uniform R
esource Identifier (URI) scheme, so that resources can be universally identified
. Use of https in a URI scheme rather than http indicates that an encrypted conn
ection is desired.

There are some primary differences between http and https, however, beginning wi
th the default port, which is 80 for http and 443 for https. Https works by tran
smitting normal http interactions through an encrypted system, so that in theory
, the information cannot be accessed by any party other than the client and end
server. There are two common types of encryption layers: Transport Layer Securit
y (TLS) and Secure Sockets Layer (SSL), both of which encode the data records be
ing exchanged.
When using an https connection, the server responds to the initial connection by
offering a list of encryption methods it supports. In response, the client sele
cts a connection method, and the client and server exchange certificates to auth
enticate their identities. After this is done, both parties exchange the encrypt
ed information after ensuring that both are using the same key, and the connecti
on is closed. In order to host https connections, a server must have a public ke
y certificate, which embeds key information with a verification of the key owner
's identity. Most certificates are verified by a third party so that clients are
assured that the key is secure.