HTTPS — Technology Wiki

Overview

Direct Answer

HTTPS is the encrypted version of HTTP that layers the TLS (Transport Layer Security) protocol over standard HTTP communication, ensuring data confidentiality, integrity, and server authentication. It uses asymmetric cryptography during handshake and symmetric encryption for subsequent session data.

How It Works

The protocol initiates a TLS handshake where the client and server exchange certificates and agree on encryption algorithms before any application data is transmitted. The server presents a certificate signed by a trusted certificate authority, enabling the client to verify authenticity. All subsequent HTTP requests and responses are encrypted using the negotiated symmetric key.

Why It Matters

Organisations require encrypted connections to protect sensitive data in transit, comply with regulations such as GDPR and PCI-DSS, and maintain user trust. Search engines prioritise secure sites in rankings, whilst browsers display security warnings for unencrypted connections, creating commercial and user experience incentives.

Common Applications

Financial institutions use HTTPS for online banking and payment processing; healthcare providers protect patient data transmission; e-commerce platforms secure customer transactions and credentials. Content management systems, email services, and government portals universally adopt the protocol.

Key Considerations

HTTPS introduces modest computational overhead and latency during the TLS handshake, though modern optimisations such as session resumption mitigate this. Certificate management, expiration tracking, and organisational PKI infrastructure require operational discipline to prevent service disruption.

Cross-References(1)

Networking & Communications

HTTP

Related in Protocols & Standards

Computer Network

A collection of interconnected computing devices that share resources and communicate using standardised protocols.

TCP/IP

Transmission Control Protocol/Internet Protocol — the fundamental communication protocol suite powering the internet.

HTTP

Hypertext Transfer Protocol — the application-layer protocol for transmitting hypermedia documents on the World Wide Web.

DNS

Domain Name System — the hierarchical system that translates human-readable domain names into numerical IP addresses.

IP Address

A unique numerical label assigned to each device connected to a computer network for identification and routing.

IPv6

The most recent version of the Internet Protocol, providing a vastly larger address space than IPv4.

Subnet

A logical subdivision of an IP network that improves security and performance by segmenting traffic.

Software-Defined Networking

An approach to networking that uses software-based controllers to manage network behaviour centrally.

Wi-Fi 6

The sixth generation of Wi-Fi technology offering improved speed, capacity, and performance in dense environments.

Network Latency

The time delay between sending and receiving data across a network, measured in milliseconds.

Bandwidth

The maximum rate of data transfer across a network path, typically measured in bits per second.

Throughput

The actual rate of successful data transfer across a network in a given time period.

More in Networking & Communications

Routing Protocol

Protocols & Standards

A protocol that determines the optimal path for data packets to travel across interconnected networks.

NAT

Protocols & Standards

Network Address Translation — a method of mapping one IP address space into another by modifying packet headers.

VPN

Infrastructure

Virtual Private Network — a technology creating a secure, encrypted connection over a less secure network like the internet.

SD-WAN

Infrastructure

Software-Defined Wide Area Network — a virtualised network architecture that enables centralised management of geographically distributed networks.

DHCP

Protocols & Standards

Dynamic Host Configuration Protocol — automatically assigns IP addresses and network configuration to devices.

SSL/TLS

Protocols & Standards

Secure Sockets Layer/Transport Layer Security — cryptographic protocols providing secure communication over a computer network.

Network Monitoring

Protocols & Standards

The practice of continuously observing a computer network for slow or failing components.

Network Topology

Protocols & Standards

The arrangement of elements such as nodes, links, and devices in a computer network.