HTTPS

What’s with that super special S next to HTTP sometimes? That S stands for Secure, and all together, it’s the HyperText Transfer Protocol Secure.

When you see this 'S', especially when it comes next to a Green Lock like this:

alt text

...you can be very confident that 1) the site that you think is sending you this information, really did send you this information. and 2) that whoever could be spying on you can only tell the domain that you’re going to and the size/time it takes to get all of that information and not what the page actually says, or even the full URL of what you’re looking at.

HTTPS uses advanced encryption to make sure that the data that your browser receives is definitely sent by the domain it thinks. HTTPS protects you from “man in the middle” attacks, where one sevrver could pretend to be another one. It would be really bad if you thought you were using MasterCard but it was MosterCard instead.

Similar to that safe word that you learned as a kid to make sure that your parents or someone that your parents sent are really the person to take you home, your browser knows a similar “Safe word” from every domain with HTTPS enabled.

It knows this safe word, called a “certificate”, because your browsers and some very trusted companies called “certificate authorities” have come up with a secure way of sharing and validating these safe words before you even bought your computer.

Your browser knows how to communicate with certificate authorities and get certificates completely behind the scenes and very securely. Once your browser has this safe word, it will make sure that all data sent to it from that server contain the same safe word, and if not, you’ll get a big error message that say that your secure connection failed.

There are many many systems working behind the curtain every day to keep you, your credit card information, and everything else secure and HTTPS is a cornerstone of that defense system.

Share this page
chat