Saturday, March 10, 2018

Difference between HTTPS and SSL/TLS

  • SSL/TLS works on top of the transport layer (i.e., on the Transport Control Protocol-TCP). 
  • HTTP is an application layer protocol.
  • HTTPS is an application layer protocol, but runs over SSL/TLS, hence it is called as HTTP over SSL.
  • SSL/TLS session is first established, then all HTTP data packets are wrapped into the secured SSL/TLS packets before sending and after receiving. 
  • SSL/TLS connection between endpoints are established before HTTP data packets are wrapped into the SSL/TLS packets.
  • For HTTP communication, the TCP/IP layer and corresponding protocol layer shall look like this:
  • For HTTPS communication, the TCP/IP layer and corresponding protocol layer shall look like this:
  • For HTTPS communication to work, SSL/TLS is mandatory, and inverse is not true. 
  • Finally, HTTPS, SFTP, SSH are all working on Application Layer and uses SSL/TLS in Transport Layer to protect the communication channel. 
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

SSO

Single Sign-On (SSO) is a solution which lets users authenticate at one application and then use that same user session at many completely ...

  • SSO
    Single Sign-On (SSO) is a solution which lets users authenticate at one application and then use that same user session at many completely ...
  • Lightweight Directory Access Protocol (LDAP)
    Before going into the LDAP, we have to look into what are Directory Services and X500 Model. Directory Service Directory Service can...
  • Difference between DOM and SAX
    Both are XML parser, that process the XML document to breaks up the text (element) into small identifiable pieces and which are finally ...