Detailed explanation of http and https and their differences and connections (all dry goods!)

Detailed explanation of http and https and their differences and connections (all dry goods!)

Both HTTP (Hypertext Transfer Protocol) and HTTPS (HTTP Secure) are protocols used to transfer data in web applications, and the main difference between them is security and encryption.

1、HTTP（http->tcp）：

HTTP is a text-based protocol that transmits data in clear text without encryption or authentication. Therefore, the data in the HTTP communication process is vulnerable to eavesdropping, tampering and forgery. The communication process of the HTTP protocol is as follows:

• The client sends a request message to the server.
• After receiving the request message, the server returns a response message.
• After the client receives the response message, it parses the data and displays it in the browser.

The advantage of the HTTP protocol is that it is simple and fast, and it is suitable for transmitting some insensitive data, such as ordinary web pages and pictures.

2、HTTPS（http-> SSL/TLS->tcp）：

HTTPS is a secure version of the HTTP protocol, which uses the SSL or TLS protocol to encrypt and authenticate the transmitted data, thus ensuring the security and integrity of the data. The communication process of HTTPS is as follows:

• The client sends an encrypted request to the server.
• After receiving the request, the server returns a certificate to the client, which contains the server's public key.
• The client encrypts the symmetric key with the public key and sends the encrypted key to the server.
• The server decrypts the symmetric key with the private key and encrypts the data with the symmetric key.
• The server sends the encrypted data to the client.
• The client decrypts the data using the symmetric key, and verifies and parses the data.

The advantage of the HTTPS protocol is that it is safe and reliable, and it is suitable for transmitting some sensitive data, such as passwords and payment information.

3. Difference:

1. Security: HTTP does not have encryption and authentication functions, and data is easily eavesdropped, tampered with and forged, while HTTPS uses SSL or TLS protocols to encrypt and authenticate transmitted data, thereby ensuring data security and integrity.
2. Transmission speed: The encryption and authentication process of HTTPS consumes more computing resources, so the transmission speed is slower than HTTP.
3. Port number: The default port number for HTTP is 80, and the default port number for HTTPS is 443.

4. Contact:

1. Communication process: The communication process of HTTP and HTTPS is the process in which the client sends a request to the server and the server returns a response.
2. Application scenarios: Both HTTP and HTTPS can be used to transfer data in web applications, but HTTPS is more suitable for transferring sensitive data, such as passwords, payment information, etc.

To sum up, there are big differences between HTTP and HTTPS in terms of security, transmission speed and port number, so the HTTPS protocol should be preferred when transmitting sensitive data. At the same time, in some scenarios that do not require encryption and authentication, the HTTP protocol may be more suitable.