Hubbry Logo
HTTPSHTTPSMain
Open search
HTTPS
Community hub
HTTPS
logo
8 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
HTTPS
HTTPS
HTTPS
View on Wikipedia
from Wikipedia

HTTP
Request methods
Header fields
Response status codes
Security access control methods
Security vulnerabilities
Internet protocol suite
Application layer
Transport layer
Internet layer
Link layer

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet.[1][2] In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS,[3] or HTTP over SSL.

The principal motivations for HTTPS are authentication of the accessed website and protection of the privacy and integrity of the exchanged data while it is in transit. It protects against man-in-the-middle attacks, and the bidirectional block cipher encryption of communications between a client and server protects the communications against eavesdropping and tampering.[4][5] The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates. This was historically an expensive operation, which meant fully authenticated HTTPS connections were usually found only on secured payment transaction services and other secured corporate information systems on the World Wide Web. In 2016, a campaign by the Electronic Frontier Foundation with the support of web browser developers led to the protocol becoming more prevalent.[6] HTTPS is since 2018[7] used more often by web users than the original, non-secure HTTP, primarily to protect page authenticity on all types of websites, secure accounts, and keep user communications, identity, and web browsing private.

Overview

[edit]
Further information: Transport Layer Security
URL beginning with the HTTPS scheme and the WWW domain name label

The Uniform Resource Identifier (URI) scheme HTTPS has identical usage syntax to the HTTP scheme. However, HTTPS signals the browser to use an added encryption layer of SSL/TLS to protect the traffic. SSL/TLS is especially suited for HTTP, since it can provide some protection even if only one side of the communication is authenticated. This is the case with HTTP transactions over the Internet, where typically only the server is authenticated (by the client examining the server's certificate).

HTTPS creates a secure channel over an insecure network. This ensures reasonable protection from eavesdroppers and man-in-the-middle attacks, provided that adequate cipher suites are used and that the server certificate is verified and trusted.

Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol can be encrypted. This includes the request's URL, query parameters, headers, and cookies (which often contain identifying information about the user). However, because website addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that even on a correctly configured web server, eavesdroppers can infer the IP address and port number of the web server, and sometimes even the domain name (e.g. www.example.org, but not the rest of the URL) that a user is communicating with, along with the amount of data transferred and the duration of the communication, though not the content of the communication.[4]

Web browsers know how to trust HTTPS websites based on certificate authorities that come pre-installed in their software. Certificate authorities are in this way being trusted by web browser creators to provide valid certificates. Therefore, a user should trust an HTTPS connection to a website if and only if all of the following are true:

  • The user trusts that their device, hosting the browser and the method to get the browser itself, is not compromised (i.e. there is no supply chain attack).
  • The user trusts that the browser software correctly implements HTTPS with correctly pre-installed certificate authorities.
  • The user trusts the certificate authority to vouch only for legitimate websites (i.e. the certificate authority is not compromised and there is no mis-issuance of certificates).
  • The website provides a valid certificate, which means it was signed by a trusted authority.
  • The certificate correctly identifies the website (e.g., when the browser visits "https://example.com", the received certificate is properly for "example.com" and not some other entity).
  • The user trusts that the protocol's encryption layer (SSL/TLS) is sufficiently secure against eavesdroppers.

HTTPS is especially important over insecure networks and networks that may be subject to tampering. Insecure networks, such as public Wi-Fi access points, allow anyone on the same local network to packet-sniff and discover sensitive information not protected by HTTPS. Additionally, some free-to-use and paid WLAN networks have been observed tampering with webpages by engaging in packet injection in order to serve their own ads on other websites. This practice can be exploited maliciously in many ways, such as by injecting malware onto webpages and stealing users' private information.[8]

HTTPS is also important for connections over the Tor network, as malicious Tor nodes could otherwise damage or alter the contents passing through them in an insecure fashion and inject malware into the connection. This is one reason why the Electronic Frontier Foundation and the Tor Project started the development of HTTPS Everywhere,[4] which is included in Tor Browser.[9]

As more information is revealed about global mass surveillance and criminals stealing personal information, the use of HTTPS security on all websites is becoming increasingly important regardless of the type of Internet connection being used.[10][11] Even though metadata about individual pages that a user visits might not be considered sensitive, when aggregated it can reveal a lot about the user and compromise the user's privacy.[12][13][14]

Deploying HTTPS also allows the use of HTTP/2 and HTTP/3 (and their predecessors SPDY and QUIC), which are new HTTP versions designed to reduce page load times, size, and latency.

It is recommended to use HTTP Strict Transport Security (HSTS) with HTTPS to protect users from man-in-the-middle attacks, especially SSL stripping.[14][15]

HTTPS should not be confused with the seldom-used Secure HTTP (S-HTTP) specified in RFC 2660.

Usage in websites

[edit]

As of April 2018, 33.2% of Alexa top 1,000,000 websites use HTTPS as default[16] and 70% of page loads (measured by Firefox Telemetry) use HTTPS.[17] As of December 2022, 58.4% of the Internet's 135,422 most popular websites have a secure implementation of HTTPS,[18] However, despite TLS 1.3's release in 2018, adoption has been slow, with many still remaining on the older TLS 1.2 protocol.[19]

Browser integration

[edit]

Most browsers display a warning if they receive an invalid certificate. Older browsers, when connecting to a site with an invalid certificate, would present the user with a dialog box asking whether they wanted to continue. Newer browsers display a warning across the entire window. Newer browsers also prominently display the site's security information in the address bar. Extended validation certificates show the legal entity on the certificate information. Most browsers also display a warning to the user when visiting a site that contains a mixture of encrypted and unencrypted content. Additionally, many web filters return a security warning when visiting prohibited websites.

Comparison between different kinds of SSL/TLS certificates
(Using Firefox as an example)
  • Many web browsers, including Firefox (shown here), use the address bar to tell the user that their connection is secure, an Extended Validation Certificate should identify the legal entity for the certificate.
    Many web browsers, including Firefox (shown here), use the address bar to tell the user that their connection is secure, an Extended Validation Certificate should identify the legal entity for the certificate.
  • When accessing a site only with a common certificate, on the address bar of Firefox and other browsers, a "lock" sign appears.
    When accessing a site only with a common certificate, on the address bar of Firefox and other browsers, a "lock" sign appears.
  • Most web browsers alert the user when visiting sites that have invalid security certificates.
    Most web browsers alert the user when visiting sites that have invalid security certificates.

The Electronic Frontier Foundation, opining that "In an ideal world, every web request could be defaulted to HTTPS", has provided an add-on called HTTPS Everywhere for Mozilla Firefox, Google Chrome, Chromium, and Android, which enables HTTPS by default for hundreds of frequently used websites.[20][21]

Forcing a web browser to load only HTTPS content has been supported in Firefox starting in version 83.[22] Starting in version 94, Google Chrome is able to "always use secure connections" if toggled in the browser's settings.[23][24]

Security

[edit]
Main article: Transport Layer Security § Security

The security of HTTPS is that of the underlying TLS, which typically uses long-term public and private keys to generate a short-term session key, which is then used to encrypt the data flow between the client and the server. X.509 certificates are used to authenticate the server (and sometimes the client as well). As a consequence, certificate authorities and public key certificates are necessary to verify the relation between the certificate and its owner, as well as to generate, sign, and administer the validity of certificates. While this can be more beneficial than verifying the identities via a web of trust, the 2013 mass surveillance disclosures drew attention to certificate authorities as a potential weak point allowing man-in-the-middle attacks.[25][26] An important property in this context is forward secrecy, which ensures that encrypted communications recorded in the past cannot be retrieved and decrypted should long-term secret keys or passwords be compromised in the future. Not all web servers provide forward secrecy.[27][needs update]

For HTTPS to be effective, a site must be completely hosted over HTTPS. If some of the site's contents are loaded over HTTP (scripts or images, for example), or if only a certain page that contains sensitive information, such as a log-in page, is loaded over HTTPS while the rest of the site is loaded over plain HTTP, the user will be vulnerable to attacks and surveillance. Additionally, cookies on a site served through HTTPS must have the secure attribute enabled. On a site that has sensitive information on it, the user and the session will get exposed every time that site is accessed with HTTP instead of HTTPS.[14]

Technical

[edit]

Difference from HTTP

[edit]

HTTPS URLs begin with "https://" and use port 443 by default, whereas HTTP URLs begin with "http://" and use port 80 by default.

HTTP is not encrypted and thus is vulnerable to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information, and modify webpages to inject malware or advertisements. HTTPS is designed to withstand such attacks and is considered secure against them (with the exception of HTTPS implementations that use deprecated versions of SSL).

Network layers

[edit]

HTTP operates at the highest layer of the TCP/IP model—the application layer; as does the TLS security protocol (operating as a lower sublayer of the same layer), which encrypts an HTTP message prior to transmission and decrypts a message upon arrival. Strictly speaking, HTTPS is not a separate protocol, but refers to the use of ordinary HTTP over an encrypted SSL/TLS connection.

HTTPS encrypts all message contents, including the HTTP headers and the request/response data. With the exception of the possible CCA cryptographic attack described in the limitations section below, an attacker should at most be able to discover that a connection is taking place between two parties, along with their domain names and IP addresses.

Server setup

[edit]

To prepare a web server to accept HTTPS connections, the administrator must create a public key certificate for the web server. This certificate must be signed by a trusted certificate authority for the web browser to accept it without warning. The authority certifies that the certificate holder is the operator of the web server that presents it. Web browsers are generally distributed with a list of signing certificates of major certificate authorities so that they can verify certificates signed by them.

Acquiring certificates

[edit]

A number of commercial certificate authorities exist, offering paid-for SSL/TLS certificates of a number of types, including Extended Validation Certificates.

Let's Encrypt, launched in April 2016,[28] provides free and automated service that delivers basic SSL/TLS certificates to websites.[29] According to the Electronic Frontier Foundation, Let's Encrypt will make switching from HTTP to HTTPS "as easy as issuing one command, or clicking one button."[30] The majority of web hosts and cloud providers now leverage Let's Encrypt, providing free certificates to their customers.

Use as access control

[edit]

The system can also be used for client authentication in order to limit access to a web server to authorized users. To do this, the site administrator typically creates a certificate for each user, which the user loads into their browser. Normally, the certificate contains the name and e-mail address of the authorized user and is automatically checked by the server on each connection to verify the user's identity, potentially without even requiring a password.

In case of compromised secret (private) key

[edit]

An important property in this context is perfect forward secrecy (PFS). Possessing one of the long-term asymmetric secret keys used to establish an HTTPS session should not make it easier to derive the short-term session key to then decrypt the conversation, even at a later time. Diffie–Hellman key exchange (DHE) and Elliptic-curve Diffie–Hellman key exchange (ECDHE) are in 2013 the only schemes known to have that property. In 2013, only 30% of Firefox, Opera, and Chromium Browser sessions used it, and nearly 0% of Apple's Safari and Microsoft Internet Explorer sessions.[27] TLS 1.3, published in August 2018, dropped support for ciphers without forward secrecy. As of February 2019, 96.6% of web servers surveyed support some form of forward secrecy, and 52.1% will use forward secrecy with most browsers.[31] As of July 2023, 99.6% of web servers surveyed support some form of forward secrecy, and 75.2% will use forward secrecy with most browsers.[32]

Certificate revocation
[edit]
Main article: Certificate revocation

A certificate may be revoked before it expires, for example because the secrecy of the private key has been compromised. Newer versions of popular browsers such as Firefox,[33] Opera,[34] and Internet Explorer on Windows Vista[35] implement the Online Certificate Status Protocol (OCSP) to verify that this is not the case. The browser sends the certificate's serial number to the certificate authority or its delegate via OCSP (Online Certificate Status Protocol) and the authority responds, telling the browser whether the certificate is still valid or not.[36] The CA may also issue a CRL to tell people that these certificates are revoked. CRLs are no longer required by the CA/Browser forum,[37][needs update] nevertheless, they are still widely used by the CAs. Most revocation statuses on the Internet disappear soon after the expiration of the certificates.[38]

Limitations

[edit]

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) encryption can be configured in two modes: simple and mutual. In simple mode, authentication is only performed by the server. The mutual version requires the user to install a personal client certificate in the web browser for user authentication.[39] In either case, the level of protection depends on the correctness of the implementation of the software and the cryptographic algorithms in use.[citation needed]

SSL/TLS does not prevent the indexing of the site by a web crawler, and in some cases the URI of the encrypted resource can be inferred by knowing only the intercepted request/response size.[40] This allows an attacker to have access to the plaintext (the publicly available static content), and the encrypted text (the encrypted version of the static content), permitting a cryptographic attack.[citation needed]

Because TLS operates at a protocol level below that of HTTP and has no knowledge of the higher-level protocols, TLS servers can only strictly present one certificate for a particular address and port combination.[41] In the past, this meant that it was not feasible to use name-based virtual hosting with HTTPS. A solution called Server Name Indication (SNI) exists, which sends the hostname to the server before encrypting the connection, although older browsers do not support this extension. Support for SNI is available since Firefox 2, Opera 8, Apple Safari 2.1, Google Chrome 6, and Internet Explorer 7 on Windows Vista.[42][43][44]

A sophisticated type of man-in-the-middle attack called SSL stripping was presented at the 2009 Blackhat Conference. This type of attack defeats the security provided by HTTPS by changing the https: link into an http: link, taking advantage of the fact that few Internet users actually type "https" into their browser interface: they get to a secure site by clicking on a link, and thus are fooled into thinking that they are using HTTPS when in fact they are using HTTP. The attacker then communicates in clear with the client.[45] This prompted the development of a countermeasure in HTTP called HTTP Strict Transport Security.[citation needed]

HTTPS has been shown to be vulnerable to a range of traffic analysis attacks. Traffic analysis attacks are a type of side-channel attack that relies on variations in the timing and size of traffic in order to infer properties about the encrypted traffic itself. Traffic analysis is possible because SSL/TLS encryption changes the contents of traffic, but has minimal impact on the size and timing of traffic. In May 2010, a research paper by researchers from Microsoft Research and Indiana University discovered that detailed sensitive user data can be inferred from side channels such as packet sizes. The researchers found that, despite HTTPS protection in several high-profile, top-of-the-line web applications in healthcare, taxation, investment, and web search, an eavesdropper could infer the illnesses/medications/surgeries of the user, his/her family income, and investment secrets.[46]

The fact that most modern websites, including Google, Yahoo!, and Amazon, use HTTPS causes problems for many users trying to access public Wi-Fi hot spots, because a captive portal Wi-Fi hot spot login page fails to load if the user tries to open an HTTPS resource.[47] Several websites, such as NeverSSL,[48] guarantee that they will always remain accessible by HTTP.[49]

History

[edit]
Main article: Transport Layer Security § History and development

Netscape Communications created HTTPS in 1994 for its Netscape Navigator web browser.[50] Originally, HTTPS was used with the SSL protocol.[51] The original SSL protocol was developed by Taher Elgamal, chief scientist at Netscape Communications.[52][53][54] As SSL evolved into Transport Layer Security (TLS), HTTPS was formally specified by RFC 2818[55] in May 2000. Google announced in February 2018 that its Chrome browser would mark HTTP sites as "Not Secure" after July 2018.[51] This move was to encourage website owners to implement HTTPS, as an effort to make the World Wide Web more secure.

See also

[edit]

References

[edit]
[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

HTTPS

View on Grokipedia
from Grokipedia
HTTPS (Hypertext Transfer Protocol Secure) is an extension of the Hypertext Transfer Protocol (HTTP) that provides encrypted communication between web clients and servers, primarily through the integration of (TLS) to protect data in transit from interception and alteration. Developed initially in the mid-1990s by Communications to address the insecurities of plain HTTP for commercial web transactions, HTTPS employs asymmetric cryptography for , symmetric encryption for data confidentiality, and digital certificates issued by trusted authorities to verify server identity. The protocol's core security features include options, integrity checks via message authentication codes, and in modern TLS implementations, which mitigate risks from compromised long-term keys. Despite its foundational role in enabling secure , , and interactions—now adopted by over 90% of top websites—HTTPS has faced challenges such as vulnerabilities in underlying TLS versions (e.g., , ) and breaches of certificate authorities, underscoring the need for ongoing updates and vigilant implementation. Its widespread enforcement, including browser warnings for non-HTTPS sites and preferences, reflects empirical evidence of reduced man-in-the-middle attacks and data leaks in secured environments.

Overview

Definition and Purpose

HTTPS (Hypertext Transfer Protocol Secure) is an extension of the Hypertext Transfer Protocol (HTTP) that secures communications by encapsulating HTTP messages within the (TLS) protocol, or its predecessor Secure Sockets Layer (SSL). This layering occurs at the transport level, where TLS provides and related security services to HTTP traffic over TCP port 443 by default, in contrast to HTTP's use of port 80. The protocol was formally specified in RFC 2818 in May 2000, standardizing the use of TLS to protect HTTP connections against interception and modification on public networks. The core purpose of HTTPS is to ensure the , , and authenticity of data exchanged between web clients and servers, addressing vulnerabilities inherent in unencrypted HTTP such as , tampering, and impersonation. is achieved through symmetric of the payload, preventing unauthorized parties from reading sensitive information like login credentials or payment details during transit. is maintained via message authentication codes that detect alterations to the data stream, while authentication relies on digital certificates issued by trusted certificate authorities to verify the server's identity, mitigating man-in-the-middle attacks. These mechanisms collectively enable secure applications such as , , and interactions where data protection is critical. Introduced in the mid-1990s by Communications as part of their browser and SSL implementation to facilitate secure web transactions, HTTPS addressed the growing need for encrypted amid the early internet's expansion. By 2025, over 95% of web pages loaded via major browsers use HTTPS, driven by browser policies enforcing secure connections and rankings favoring encrypted sites. This widespread adoption underscores its role in establishing trust in web ecosystems, though it does not inherently protect against server-side vulnerabilities or client-side threats.

Usage in Web Ecosystems

HTTPS permeates web ecosystems through integration in browsers, servers, content delivery networks (CDNs), and application programming interfaces (APIs), enabling encrypted communication as the de facto standard for secure data transfer. As of 2024, 87.6% of websites employed valid SSL certificates, a marked increase from 18.5% six years prior, driven by automated issuance and browser incentives. Projections indicate near-universal adoption, with nearly 99% of sites expected to use HTTPS by the end of 2025, reflecting empirical improvements in encryption coverage across global web traffic. The certificate authority, operational since December 2015, has catalyzed this shift by issuing free, short-lived certificates via automated protocols like ACME, eliminating cost and complexity barriers that previously deterred small-scale operators. Over 600 million websites have obtained certificates from , doubling the proportion of secure sites within four years of its launch and particularly benefiting resource-constrained domains. This automation fosters routine renewal—certificates expire every 90 days—reducing exposure to prolonged key compromises while embedding HTTPS into hosting platforms and CDNs like , which proxy traffic to enforce encryption. Browsers enforce HTTPS through user interface cues and policy mechanisms; , holding dominant market share, labels HTTP pages as "not secure" since version 68 in 2018 and advances HTTPS-First mode to attempt upgrades for insecure origins by default, suppressing HTTP fallbacks unless explicitly configured otherwise. Similarly, and display icons for HTTPS connections and block mixed content—unencrypted resources on secure pages—prompting developers to migrate assets fully to HTTPS. (HSTS), defined in RFC 6797, complements this by directing browsers to interact solely via HTTPS for prelisted domains, averting protocol downgrade attacks and cookie hijacking over subsequent visits; preload lists maintained by browser vendors extend this protection network-wide. In server ecosystems, HTTPS deployment involves configuring TLS-terminating proxies or load balancers, with widespread support for protocols ensuring session keys resist retroactive decryption. APIs and architectures increasingly mandate HTTPS to safeguard tokens and payloads, as evidenced by standards like 2.0 requiring transport-layer security. Despite high adoption, challenges persist in legacy systems and resource-limited environments, where incomplete implementations can expose mixed-content vulnerabilities, underscoring the causal link between comprehensive ecosystem enforcement and realized security gains.

Technical Mechanics

Distinctions from HTTP

HTTPS encapsulates HTTP within a (TLS) layer, providing , server authentication, and absent in plain HTTP. While HTTP transmits requests and responses in over TCP port 80 by default, exposing data to , modification, or spoofing, HTTPS mandates TLS negotiation over port 443, ensuring through symmetric keys derived during the initial . The TLS handshake in HTTPS precedes HTTP message exchange, involving asymmetric cryptography for —typically Diffie-Hellman or RSA—and certificate validation against trusted certificate authorities to verify server identity, which HTTP lacks entirely. This process authenticates the server, mitigating man-in-the-middle attacks, whereas HTTP connections proceed directly without identity checks or protection against tampering. HTTPS also enforces message integrity via message authentication codes, preventing undetected alterations, in contrast to HTTP's vulnerability to such exploits. Operationally, HTTPS introduces computational overhead from encryption/decryption and the handshake latency—often 1-2 round-trip times—but optimizations like session resumption and minimize this in modern implementations. HTTP remains faster for initial connections due to its simplicity but forfeits , making HTTPS the standard for any data-sensitive as formalized in RFC 2818.

TLS/SSL Integration and Handshake

HTTPS encapsulates HTTP traffic within a TLS-encrypted channel, replacing the insecure TCP transport used by plain HTTP with TLS's cryptographic protections for confidentiality, integrity, and server authentication. This integration, formalized in RFC 2818 published in May 2000, operates by directing HTTP connections to TCP port 443 and layering TLS beneath the HTTP protocol, allowing unmodified HTTP semantics while securing the underlying against , tampering, and impersonation. TLS, defined starting with version 1.0 in RFC 2246 from January 1999 as an upgrade over SSL 3.0, has evolved through versions 1.1 (RFC 4346, April 2006), 1.2 (RFC 5246, August 2008), and 1.3 (RFC 8446, August 2018), with SSL versions deprecated due to vulnerabilities like in SSL 3.0 exploited since 2014. The TLS handshake initiates upon connection establishment, negotiating session parameters and deriving symmetric encryption keys before any HTTP data is exchanged, typically adding 1-2 round-trip times (RTTs) of latency in modern implementations. In TLS 1.3, the process authenticates the server and computes shared keys using Diffie-Hellman ephemeral (DHE) or variants for , ensuring compromised long-term keys do not expose past sessions. The client sends a ClientHello message listing supported TLS versions (prioritizing 1.3), cipher suites (e.g., TLS_AES_256_GCM_SHA384 for AES-256-GCM encryption with SHA-384 authentication), extensions like (SNI) for virtual hosting—which reveals the requested domain name to intermediaries such as ISPs during the handshake unless Encrypted Client Hello (ECH) is used—and a public key share. ECH is a privacy-enhancing extension to TLS that encrypts the entire ClientHello message, including the SNI extension and other sensitive details, preventing passive network observers from determining the destination domain name. As of 2026, ECH has seen increasing adoption since its initial availability in 2023, with support in major browsers such as Firefox and Chrome, and by content delivery networks such as Cloudflare, though deployment remains incomplete and not universal. Even with ECH enabled, ISPs and other intermediaries can still observe the destination IP address, connection metadata including data volume, timing, duration, and port numbers, but cannot access the specific page path, query parameters, form data, or any encrypted content. The server responds with a ServerHello selecting compatible parameters, its key share, EncryptedExtensions for additional options, a certificate chain rooted in a trusted public (CA), a CertificateVerify proving private key possession, and a Finished with a MAC verifying handshake integrity using the derived key. The client verifies the certificate against its trust store, computes the , sends its Finished , and the session activates for bidirectional of HTTP requests and responses. TLS 1.2 variants include additional explicit messages like ServerKeyExchange for non-RSA ciphers, increasing RTTs to 2 without resumption, but TLS 1.3 eliminates these for efficiency while mandating . Session resumption mechanisms, such as pre-shared keys (PSK) in TLS 1.3 or session tickets in earlier versions, allow abbreviated s on subsequent connections by reusing prior keys, reducing latency to 0-RTT in some cases while mitigating replay attacks via age and sequence checks. Client authentication, optional and rare in web contexts, can occur via client certificates during the handshake if required by the server. These steps ensure causal security: encryption keys derive solely from ephemeral exchanges unknown to passive observers, and authentication chains to PKI roots vetted by clients, though reliant on CA trustworthiness which has faced breaches like the 2011 DigiNotar compromise affecting millions of certificates.

Network Layer Operations

The TLS Record Protocol, operating above the , fragments outgoing HTTP application into of up to 2^14 bytes (16,384 bytes) each, prepends a 5-byte header specifying the content type (such as 23 for application ), TLS version, and , applies optional compression (deprecated in TLS 1.3), computes a (MAC) or , and encrypts the payload using the negotiated symmetric keys and algorithms from the . These form a byte stream delivered reliably to the peer via TCP on port 443, where TCP segments the stream into variable-sized segments (typically up to the path MTU minus headers, around 1,460 bytes for IPv4 Ethernet) with sequence numbers, acknowledgments, and congestion control to ensure ordered, error-free delivery without duplication or loss. At the network layer (OSI layer 3 or IP layer in TCP/IP), each TCP segment is encapsulated in an IPv4 or , adding a 20-byte IPv4 header (or 40-byte ) with source and destination addresses, protocol field (6 for TCP), TTL/hop limit, and , enabling stateless through intermediate devices based solely on address prefixes and forwarding tables. Routers inspect only the for next-hop decisions, forwarding packets hop-by-hop without visibility into the encrypted TLS payload, which prevents on the HTTP content—including specific page paths, query parameters, form data, and other application-layer information—but exposes metadata to intermediaries such as ISPs. This metadata includes the destination IP address, port numbers (typically 443), connection timing, duration, data volume, and the domain name via the Server Name Indication (SNI) extension in the TLS ClientHello message unless Encrypted Client Hello (ECH) is used to encrypt it (see TLS/SSL Integration and Handshake). As of early 2026, ECH is supported by major browsers such as Firefox and Chrome as well as CDNs such as Cloudflare, but is not universally deployed, meaning the domain name remains visible to ISPs in many cases. Other privacy technologies such as proxies or Tor are required to obscure the destination IP address and further reduce metadata visibility. Routers and ISPs cannot observe the encrypted content itself. If a exceeds a link's (MTU, e.g., 1,500 bytes for standard Ethernet), IP may fragment it into smaller datagrams with offset and more-fragments flags, reassembled at the destination; however, TCP's (PMTUD) probes effective MTU via ICMP feedback to avoid fragmentation, blackholing, or performance degradation from reassembly overhead. Inbound operations reverse this: IP delivers datagrams to the end system, reassembling fragments if needed before passing TCP segments to the , where TCP buffers, orders, and retransmits lost segments using cumulative acknowledgments and selective ACKs (SACK) for efficiency. The reassembled TCP stream feeds the TLS Record Protocol, which authenticates and decrypts records using the same keys, verifies integrity via MAC or AEAD tags, reassembles the full HTTP message, and handles any record-layer or fragmentation introduced for (e.g., against via constant record sizes in some implementations). This layered encapsulation ensures HTTPS inherits TCP/IP's robustness for global routing while confining to end-to-end protection, as network-layer devices remain agnostic to TLS details. In deployments over (RFC 9000), which multiplexes streams over UDP for reduced latency, TLS 1.3 integrates directly into QUIC packets sent via IP/UDP datagrams, bypassing TCP's ; QUIC handles encryption, reliability, and congestion in user space, with unchanged but UDP's connectionless nature enabling faster handshakes and migration (e.g., via connection IDs). As of mid-2025, TCP-based HTTPS dominates at approximately 80-90% of secure connections, per server logs from major CDNs, though QUIC adoption grows for performance-critical applications.

Implementation Practices

Server Configuration Essentials

To enable HTTPS on a , administrators must install a TLS certificate issued by a trusted (CA) and its corresponding private key, typically in PEM or DER format, ensuring the private key remains securely protected with appropriate file permissions (e.g., 600 octal). The server software is then configured to bind to TCP port 443, activate TLS processing on that socket, and reference the certificate and key paths; for , this requires the ssl directive on the listen statement alongside ssl_certificate and ssl_certificate_key in the server block. Analogous setups apply to via mod_ssl in a <VirtualHost *:443> directive specifying SSLCertificateFile and SSLCertificateKeyFile, or to IIS by creating an HTTPS binding in IIS Manager and assigning the certificate from the server certificate store. Security hardening mandates restricting protocols to TLS 1.3 as the primary version, with TLS 1.2 as a fallback for compatibility, while explicitly disabling SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 due to exploits like (CVE-2014-3566) and their removal from modern browser support by 2020. selection should emphasize forward-secure Diffie-Hellman ephemeral (ECDHE) key exchanges with AES-256-GCM or for bulk encryption, SHA-384 or higher for hashing, and exclusion of null ciphers, , 3DES, or MD5-based suites vulnerable to attacks such as Lucky Thirteen. All HTTP traffic on port 80 must redirect to HTTPS via permanent (301) status codes to prevent unencrypted access, implemented in with return 301 https://$host$request_uri; in the non-TLS server block or equivalent rewrite rules in (RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]) and IIS URL Rewrite modules. (HSTS, defined in RFC 6797) should be enforced by appending the Strict-Transport-Security: max-age=31536000; includeSubDomains header (extendable to preload lists for broader enforcement), compelling browsers to reject non-HTTPS connections for the specified duration and subdomains. Advanced features include (per RFC 6066), where the server caches and attaches the CA's signed certificate revocation response during handshakes to minimize client-side queries and latency—enabled in via ssl_stapling on; and resolver directives, or with SSLUseStapling on. Session resumption via TLS 1.3's pre-shared keys or TLS 1.2 tickets (avoiding vulnerable session IDs) optimizes performance without compromising security. Configurations should be validated using tools like SSL Labs' qualifier, targeting A+ ratings, and updated periodically as protocols evolve, such as the 2025 deprecations of certain TLS 1.2 ciphers in standards like NIST SP 800-52.

Certificate Acquisition and Validation

Server operators acquire TLS certificates primarily from trusted Certificate Authorities (CAs) to enable HTTPS. The process begins with generating a private-public key pair using tools like OpenSSL, followed by creating a Certificate Signing Request (CSR) that encodes the public key, domain name, and optional organizational details in PKCS#10 format. The CSR is then submitted to a CA, which verifies the applicant's control over the requested domain and, depending on the certificate type, additional identity information before issuing the signed certificate and any intermediate chain certificates. Certificates are issued at varying validation levels: Domain Validated (DV), which confirms only domain control through automated methods like DNS TXT records, HTTP file placement, or email verification; Organization Validated (OV), adding checks on the legal entity behind the domain via business records; and Extended Validated (EV), requiring rigorous vetting of the organization's identity, including legal existence and operational status, often displayed prominently in browsers to indicate higher assurance. DV certificates, popularized by free services like since 2015, enable rapid issuance in minutes, while OV and EV involve manual reviews taking days to weeks and higher costs. Self-signed certificates or those from untrusted private CAs can be generated without external validation but fail standard client trust checks unless explicitly configured. Client-side validation occurs during the TLS handshake, where the server presents its certificate chain. The client verifies the chain's signatures back to a trusted CA embedded in its trust store (e.g., browser or OS maintained lists from vendors like , ), ensures the hostname matches via Subject Alternative Names, checks notBefore/notAfter dates, and queries status using (OCSP) or Certificate Revocation Lists (CRLs), often with for efficiency. Failure in any step—such as an untrusted , mismatch, or —triggers warnings or connection blocks, as seen in browser alerts for invalid or self-signed certificates. trust is established through audits and inclusion policies by client software maintainers, with over 100 roots typically trusted across major platforms as of 2023.

Response to Key Compromises

In the event of a suspected or confirmed private key compromise for an HTTPS server's TLS certificate, the primary response involves immediate of all certificates linked to the affected key to mitigate risks such as man-in-the-middle attacks and traffic decryption. Administrators should contact the (CA) to issue a , updating the (CRL) or enabling (OCSP) checks, which browsers and clients query to validate certificate status in real-time. This step invalidates the certificate across relying parties, though effectiveness depends on client support for mechanisms, as some older systems may ignore CRLs due to performance concerns. Following , the server must generate a new cryptographic key pair using secure methods, such as modules (HSMs) to prevent recurrence, and submit a (CSR) to the CA for a replacement certificate. Best practices recommend regenerating keys even if is uncertain, as in memory-based leaks, and conducting a full system audit to identify breach vectors like misconfigured permissions or vulnerable software. Notification to stakeholders, including users and upstream services, is essential to prompt client-side updates, alongside monitoring logs for anomalous activity. The vulnerability, disclosed on April 7, 2014, in versions 1.0.1 to 1.0.1f, exemplified widespread key exposure risks, enabling attackers to extract up to 64 kilobytes of server memory per probe, potentially including private keys, usernames, and passwords. Responses included urgent patching of affected software—over 17 million servers were vulnerable—and precautionary key rotation for all exposed systems, as no feasible detection method existed for leaked keys; major providers like regenerated keys en masse, reissuing certificates to restore trust without confirmed universal compromise. CA-level compromises demand escalated measures beyond individual revocations. In the 2011 DigiNotar breach, intruders forged over 500 certificates for domains like google.com, prompting browser vendors including and to distrust all DigiNotar roots on September 2 and August 29, respectively, effectively nullifying the CA's ecosystem and leading to its bankruptcy. Organizations responded by migrating to alternative CAs, auditing issuance logs, and enhancing segmentation between signing keys, underscoring the need for incident response plans that include root distrust propagation via trust store updates in operating systems and applications.

Security Evaluation

Core Protections and Mechanisms

HTTPS secures communications between clients and servers by layering the Hypertext Transfer Protocol (HTTP) over the Transport Layer Security (TLS) protocol, primarily delivering three core protections: confidentiality, integrity, and server authentication. Confidentiality prevents unauthorized parties from accessing the content of transmitted data, achieved through symmetric encryption of the payload using session keys established during the TLS handshake. Integrity ensures that data remains unaltered during transit, enforced via message authentication codes (MACs) or authenticated encryption with associated data (AEAD) modes, which detect modifications by verifying cryptographic tags appended to each record. Server authentication verifies the server's identity, mitigating man-in-the-middle attacks by relying on public key infrastructure (PKI) where the server presents a digital certificate signed by a trusted certificate authority (CA), which the client validates against a chain of trust. The TLS protocol forms the foundational mechanism for these protections, initiating secure sessions through an authenticated process. In TLS 1.3, the standard version mandated for modern HTTPS implementations since its publication in August 2018, the begins with the client sending a ClientHello message containing supported cipher suites, extensions, and a random nonce, followed by the server's ServerHello selecting parameters and providing its certificate. Key derivation occurs via Diffie-Hellman ephemeral (DHE) or Diffie-Hellman ephemeral (ECDHE) exchanges, generating shared secrets resistant to compromise of long-term keys, with ensuring that past sessions remain secure even if session keys are later exposed. integrates asymmetric cryptography, typically RSA or signatures, where the server signs messages using its private key, allowing the client to confirm possession of the corresponding public key from the validated certificate. Post-handshake, the TLS record protocol encapsulates HTTP messages in protected records, applying symmetric ciphers like AES in Galois/Counter Mode (GCM) for combined and in AEAD constructions. Each record includes a sequence number to prevent replay attacks, with and explicit nonces enhancing security against and other exploits. These mechanisms collectively address passive via , active tampering via checks, and impersonation via certificate-based authentication, though they assume proper certificate validation and do not inherently protect against all threats like denial-of-service at the network layer. Empirical data from protocol analyses, such as those in TLS 1.3's , demonstrate reduced surfaces compared to prior versions, with latency minimized to approximately one round-trip time for initial connections.

Inherent Limitations and Vulnerabilities

The security of HTTPS fundamentally depends on the (PKI), where trust is delegated to Certificate Authorities (CAs) that validate domain ownership before issuing certificates. A compromise of any single CA enables attackers to obtain valid certificates for arbitrary domains, facilitating undetected man-in-the-middle (MitM) attacks that decrypt and inspect traffic despite the protocol's encryption. Historical incidents underscore this vulnerability: in July 2011, the Dutch CA was breached by suspected ian actors, leading to the issuance of fraudulent certificates for domains including google.com, affecting users in Iran and prompting the CA's complete revocation from browser trust stores. Similarly, Symantec faced distrust in 2015 and 2017 due to repeated misissuances of certificates without proper validation, eroding confidence in the CA model. With over 100 root CAs embedded in major browsers, the system's resilience hinges on the weakest link, as a single failure undermines global trust. Even with uncompromised CAs, the TLS process introduces risks through protocol version negotiation and selection, allowing downgrade attacks where adversaries force fallback to weaker, vulnerable configurations like SSLv3 or outdated ciphers if stricter policies such as (HSTS) are absent. Subtle flaws, such as support for deprecated algorithms, can persist while displaying the secure , misleading users about the connection's integrity. Moreover, HTTPS secures only the between client and server, leaving DNS queries unencrypted and visible to network observers unless supplemented by (DoH), potentially exposing visited domains. Network observers such as Internet service providers (ISPs) can observe additional metadata from HTTPS connections. They can see the destination IP address, port numbers (typically 443), connection duration, data volume transferred, and timing patterns. Without Encrypted Client Hello (ECH), the domain name is visible via the plaintext Server Name Indication (SNI) in the TLS handshake. ECH encrypts the ClientHello message, including the SNI, to hide the domain name from passive observers. Adoption of ECH has increased significantly; as of 2025, it is supported and enabled by default in major browsers such as Firefox (since version 119) and Chrome, and enabled by default for customers on Cloudflare. However, ECH is not yet universally deployed across all browsers, websites, or networks, and the destination IP address along with other metadata remain visible unless additional privacy measures such as proxies, VPNs, or Tor are employed. ISPs cannot access the specific page path, query parameters, form data, or any encrypted content within the TLS tunnel. Scope limitations further constrain HTTPS: it provides channel but offers no protection against client-side threats like that can steal session or keystrokes post-decryption, nor does it inherently secure HTTP-loaded mixed content on HTTPS pages, which attackers can intercept and modify. lacking Secure and HttpOnly flags remain susceptible to interception or if misconfigured, despite the HTTPS context. The protocol's imposes a latency overhead of approximately 1-2 round-trip times (RTTs), roughly 100-200 milliseconds on typical networks, impacting for latency-sensitive applications without session resumption mitigations. These factors, combined with user tendencies to bypass browser warnings for invalid certificates, perpetuate a false sense of , as the green lock indicator does not guarantee absence of or data leaks beyond the encrypted channel.

Historical Evolution

Origins in Early Web Security

The Hypertext Transfer Protocol (HTTP), introduced by at between 1989 and 1991, transmitted data in plaintext, exposing communications to interception, eavesdropping, and tampering by attackers on shared networks. This vulnerability became acute as the expanded beyond academic and research use into commercial applications in the early , particularly for requiring protection of sensitive information like details. Without encryption, HTTP enabled straightforward man-in-the-middle attacks, where intermediaries could capture or alter transmitted data, underscoring the causal link between unencrypted protocols and heightened risks in public internet environments. To address these deficiencies, Communications developed the Secure Sockets Layer (SSL) protocol in 1994, led by chief scientist , as a cryptographic layer to encrypt HTTP traffic and ensure secure data exchange over the web. SSL version 1.0, completed internally that year, incorporated fundamental mechanisms like for and symmetric encryption for session data but was never publicly released due to identified security flaws, including vulnerability to known plaintext attacks. refined the protocol, releasing SSL 2.0 in February 1995 alongside its browser, marking the initial practical implementation of HTTPS—HTTP layered over SSL—as a scheme prefixed with "https://" to denote encrypted connections. This integration provided confidentiality, integrity, and rudimentary authentication, directly responding to the empirical threats posed by HTTP's openness in an era of burgeoning online transactions. Subsequent iterations, such as SSL 3.0 in 1996, further hardened the protocol against export restrictions on strong cryptography and known weaknesses in earlier versions, solidifying HTTPS's role in early web security. These developments were driven by first-mover incentives in the browser market, where sought to enable secure commerce to differentiate from competitors like , though SSL 2.0 itself retained flaws like susceptibility to truncation attacks that later necessitated upgrades. By establishing a transport-layer model independent of HTTP's application semantics, HTTPS origins reflect a pragmatic evolution from unsecured hypertext transfer to fortified client-server interactions, predicated on the verifiable need to mitigate transmission risks in heterogeneous networks.

Standardization and Protocol Upgrades

The Secure Sockets Layer (SSL) protocol, developed by Communications, laid the groundwork for HTTPS with SSL 2.0 released in February 1995 and SSL 3.0 in September 1996, providing the initial framework for encrypting HTTP traffic over TCP. Recognizing the need for an , the (IETF) formed a in 1996 to refine and standardize SSL 3.0, resulting in (TLS) version 1.0 as RFC 2246 published on January 26, 1999; this upgrade introduced minor cryptographic and protocol enhancements while maintaining to address proprietary limitations and emerging security needs. Subsequent upgrades focused on mitigating identified vulnerabilities and improving efficiency. TLS 1.1, specified in RFC 4346 on April 25, 2006, incorporated explicit initialization vectors for CBC-mode ciphers to counter chosen-plaintext attacks and refined error handling, though these changes were incremental rather than transformative. TLS 1.2, detailed in RFC 5246 on August 10, 2008, enabled more flexible negotiations, supported advanced features like , and deprecated weaker algorithms such as and hashes, driven by accumulating exploits like those exposing padding oracle vulnerabilities in prior versions. These evolutions reflected causal responses to real-world attacks, prioritizing cryptographic robustness over minimal disruption. TLS 1.3, published as RFC 8446 on August 10, 2018, represented a major redesign by the IETF TLS working group, streamlining the to a single round-trip for most connections, mandating through integrated , and eliminating legacy features like renegotiation and static RSA to reduce attack surfaces; development spanned over a decade amid concerns over quantum threats and by middleboxes. Earlier versions faced formal deprecation: SSL 3.0 in 2015 following the vulnerability disclosure, and TLS 1.0/1.1 via RFC 8996 on March 15, 2021, due to inherent weaknesses like susceptibility to downgrade attacks and outdated cipher support, compelling widespread migration to TLS 1.2 or higher for compliance with standards from bodies like PCI Security Standards Council. These upgrades underscore HTTPS's reliance on TLS evolution, where protocol inertia often delayed fixes until exploits demonstrated practical risks.

Major Adoption Drivers

The primary drivers of HTTPS adoption stemmed from the removal of technical and financial barriers, coupled with incentives from major browsers and search engines that prioritized secure connections for user trust and visibility. Prior to 2015, HTTPS usage hovered around 25% of websites due to the high cost and manual complexity of acquiring and renewing SSL/TLS certificates from commercial authorities. The launch of in December 2015 revolutionized this by offering free, automated certificate issuance, enabling rapid deployment without expertise; by 2019, it had issued more certificates than all other authorities combined, effectively doubling the proportion of secure websites and accelerating adoption to over 50% of by 2017. Search engine optimization provided another catalyst, as announced on August 6, 2014, that HTTPS would serve as a signal in its , rewarding secure sites with improved visibility and incentivizing webmasters to upgrade amid competitive pressures. This was amplified by browser-enforced user warnings: began displaying "Not Secure" labels for HTTP pages with forms or passwords in October 2017, expanding to all HTTP sites by July 2018 with Chrome 68, which deterred users from insecure connections and prompted widespread migrations. Underlying these technical shifts were heightened privacy and security imperatives, intensified by Edward Snowden's June 2013 revelations of programs, which exposed vulnerabilities in unencrypted HTTP traffic to interception and spurred demands for pervasive encryption. Advocacy from organizations like the (EFF), through initiatives such as Encrypt the Web and the browser extension launched in 2010, further promoted default encryption, contributing to a cultural shift where HTTPS became the norm for protecting against eavesdropping, man-in-the-middle attacks, and data tampering. By 2023, desktop users loaded over half their pages via HTTPS, reflecting these combined forces' causal impact on causal realism in web security practices.

Criticisms and Debates

Flaws in Certificate Authority Model

The certificate authority (CA) model underpinning HTTPS depends on a small number of trusted root vetted by browser vendors, which delegate certificate issuance through a hierarchical , but this creates a where any compromised CA can forge certificates for arbitrary domains, undermining the entire trust ecosystem. A breach at one CA propagates globally because end-user devices blindly trust all roots in the browser's store, enabling undetectable man-in-the-middle attacks as long as the forged certificate chains to a valid root. Historical compromises illustrate the model's fragility: In June 2011, Dutch CA suffered an intrusion by state-linked actors, who generated at least 531 fraudulent certificates for high-value domains including .com, *.google.com, and .org, which were used for targeted interception of traffic among Iranian users. The incident, undetected for weeks due to poor logging and segmentation, led to 's bankruptcy in September 2011 after browsers like and revoked its roots, exposing millions to potential risks until certificate pinning and revocation lists were updated. Earlier that year, in March 2011, unauthorized access via Comodo resellers allowed issuance of nine rogue certificates for such as login.yahoo.com and mail..com, highlighting subcontracting weaknesses where intermediate entities lack equivalent oversight. Systemic issues exacerbate these vulnerabilities, including inconsistent validation standards where domain-validated (DV) certificates require only proof of domain control—often via email or DNS records—without verifying the applicant's real-world identity, enabling impersonation by domain squatters or phishers. Certificate revocation mechanisms, reliant on certificate revocation lists (CRLs) or (OCSP), falter under network interference or high latency, as attackers can suppress checks or exploit stapling gaps, leaving invalid certificates usable for extended periods. flaws persist, with over 100 CAs in major browser stores exhibiting variable practices, including inadequate key protection and trails, as evidenced by analyses of billions of certificates revealing non-compliance with baseline validation rules. The model's homogeneous trust assumption—that all root CAs merit equal deference—ignores divergent profiles, such as differing regulatory environments or operational maturity, fostering over-reliance without granular user controls or decentralized alternatives like logs fully mitigating issuance errors. While post-incident measures like root program audits by browser vendors (e.g., Mozilla's CA enforcement) have disqualified repeat offenders, the persistence of centralized hierarchies underscores unresolved tensions between scalability and security robustness.

Trade-offs in Performance and Accessibility

HTTPS introduces computational and latency overhead compared to HTTP due to the TLS and symmetric processes. The initial TLS requires at least one round-trip time (RTT) for TLS 1.3, adding approximately 150 milliseconds of latency per RTT on typical networks, though session resumption and 0-RTT mechanisms can reduce this for subsequent connections. and decryption impose CPU costs, particularly on resource-constrained servers handling dynamic content, where benchmarks indicate up to 20-50% higher processing demands for small requests under high concurrency. These effects diminish for large data transfers, as the relative overhead of setup becomes negligible, and modern optimizations like hardware-accelerated further mitigate impacts on contemporary hardware. Protocol advancements address much of this overhead: and , which mandate TLS, enable and header compression, often yielding faster overall page loads than unoptimized HTTP/1.1 despite encryption. Empirical tests show that properly configured HTTPS sites can outperform plain HTTP by reducing connection setup times through persistent sessions and edge caching, though misconfigurations like unnecessary re-handshakes can exacerbate delays. In high-latency environments, such as mobile networks, the initial load penalty remains more pronounced, potentially increasing time-to-first-byte by 50-100 milliseconds without resumption. Regarding accessibility, HTTPS demands compatible TLS implementations, excluding legacy clients like pre-2010 browsers or embedded devices lacking support for required cipher suites, which may fail to connect or fallback insecurely. In restricted networks, such as corporate firewalls or state censorship regimes, visible Server Name Indication (SNI) in TLS 1.2 enables selective blocking of HTTPS traffic, reducing site reach compared to inspectable HTTP, though Encrypted Client Hello in TLS 1.3 obscures this at the cost of compatibility with older intermediaries. Certificate validation failures, including self-signed or expired certificates, trigger browser warnings that deter non-technical users, indirectly limiting access without providing fallback options inherent to HTTP. These compatibility constraints trade broader universality for enhanced privacy, as HTTP's lack of encryption allows transparent proxying but exposes data to interception.

References

  1. https://www.cloudflare.com/learning/ssl/why-use-https/
  2. https://www.fortinet.com/resources/cyberglossary/what-is-https
  3. https://www.exabeam.com/blog/infosec-trends/the-origins-of-web-security-and-the-birth-of-security-socket-layer-ssl-protocol/
  4. https://www.ssldragon.com/blog/history-of-ssl/
  5. https://www.upguard.com/blog/what-is-https
  6. https://timelines.issarice.com/wiki/Timeline_of_HTTPS_adoption
  7. https://www.azion.com/en/learning/websec/what-is-https/
  8. https://https.cio.gov/faq/
  9. https://www.loadbalancer.org/blog/what-does-https-mean-a-beginners-guide/
  10. https://datatracker.ietf.org/doc/html/rfc2818
  11. https://www.rfc-editor.org/info/rfc2818
  12. https://www.cloudflare.com/learning/ssl/what-is-https/
  13. https://www.techtarget.com/searchsoftwarequality/definition/HTTPS
  14. https://www.ssldragon.com/blog/ssl-stats/
  15. https://comparecheapssl.com/the-state-of-ssl-key-statistics-and-trends-shaping-web-security/
  16. https://www.zdnet.com/home-and-office/networking/how-lets-encrypt-made-the-internet-safer-and-https-standard-and-free/
  17. https://news.engin.umich.edu/2019/11/how-lets-encrypt-doubled-the-percentage-of-secure-websites-in-four-years/
  18. https://community.letsencrypt.org/t/pros-and-cons-of-90-day-certificate-lifetimes/4621
  19. https://blog.chromium.org/2023/08/towards-https-by-default.html
  20. https://www.ssl.com/article/what-is-http-strict-transport-security-hsts/
  21. https://securityscorecard.com/blog/what-is-hsts-and-how-does-it-strengthen-https-security/
  22. https://aws.amazon.com/compare/the-difference-between-https-and-http/
  23. https://www.cloudflare.com/learning/ssl/why-is-http-not-secure/
  24. https://www.keyfactor.com/blog/http-vs-https-whats-the-difference/
  25. https://www.keycdn.com/blog/https-performance-overhead
  26. https://www.upguard.com/blog/http-vs-https
  27. https://datatracker.ietf.org/doc/html/rfc8446
  28. https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/
  29. https://blog.cloudflare.com/announcing-encrypted-client-hello/
  30. https://support.mozilla.org/en-US/kb/understand-encrypted-client-hello
  31. https://auth0.com/blog/the-tls-handshake-explained/
  32. https://datatracker.ietf.org/doc/html/rfc5246#section-6
  33. https://datatracker.ietf.org/doc/html/rfc8446#section-5
  34. https://datatracker.ietf.org/doc/html/rfc9250
  35. https://datatracker.ietf.org/doc/html/rfc5246#section-6.2.1
  36. https://datatracker.ietf.org/doc/html/rfc8446#section-1.1
  37. https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/
  38. https://www.ssl.com/guide/ssl-best-practices/
  39. https://nginx.org/en/docs/http/configuring_https_servers.html
  40. https://protocolguard.com/resources/install-an-ssl-tls-certificate-apache-nginx-iis/
  41. https://www.ncsc.gov.uk/guidance/using-tls-to-protect-data
  42. https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/recommendations/
  43. https://www.ssl.com/guide/tls-standards-compliance/
  44. https://web.dev/articles/enable-https
  45. https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/configure-http-strict-transport-security-in-exchange-server
  46. https://www.cyrozap.com/2015/05/03/configuring-nginx-to-use-hsts-with-an-automatic-https-redirect/
  47. https://community.citrix.com/tech-zone/build/tech-papers/networking-tls-best-practices-2025/
  48. https://www.globalsign.com/en/blog/what-is-a-certificate-signing-request-csr-old
  49. https://knowledge.digicert.com/general-information/how-to-create-a-csr
  50. https://www.thesslstore.com/new-to-ssl/how-ssl-tls-issuance-works.aspx
  51. https://www.ssl.com/how-to/ordering-and-retrieving-ssl-tls-certificates/
  52. https://www.digicert.com/difference-between-dv-ov-and-ev-ssl-certificates
  53. https://www.ssl.com/article/dv-ov-and-ev-certificates/
  54. https://www.geotrust.com/what-are-dv-ov-ev-tls-ssl-certificates
  55. https://www.digicert.com/how-tls-ssl-certificates-work
  56. https://aws.github.io/s2n-tls/usage-guide/ch09-certificates.html
  57. https://www.ssl.com/article/a-guide-to-ssl-tls-and-client-authentication-certificates-for-containers/
  58. https://curity.io/resources/learn/oauth-client-authentication-mutual-tls/
  59. https://security.stackexchange.com/questions/16685/what-can-an-attacker-do-with-a-stolen-ssl-private-key-what-should-the-web-admin
  60. https://www.encryptionconsulting.com/education-center/handle-breached-certificate-and-key/
  61. https://www.heartbleed.com/
  62. https://blog.cloudflare.com/heartbleed-revisited/
  63. https://blog.mozilla.org/security/2011/09/02/diginotar-removal-follow-up/
  64. https://www.microsoft.com/en-us/msrc/blog/2011/09/more-on-microsofts-response-to-the-diginotar-compromise
  65. https://www.sei.cmu.edu/blog/implications-and-mitigation-strategies-for-the-loss-of-end-entity-private-keys/
  66. https://sslmate.com/resources/certificate_authority_failures
  67. https://www.eff.org/deeplinks/2011/10/how-secure-https-today
  68. https://www.acunetix.com/blog/articles/tls-vulnerabilities-attacks-final-part/
  69. https://www.wired.com/story/https-isnt-always-as-secure-as-it-seems/
  70. https://textslashplain.com/2018/02/14/understanding-the-limitations-of-https/
  71. https://broadbandnow.com/guides/what-your-isp-knows-about-your-data-use
  72. https://developers.cloudflare.com/ssl/edge-certificates/ech/
  73. https://www.infosecinstitute.com/resources/vulnerabilities/https-mixed-content-vulnerability/
  74. https://prophaze.com/blog/what-is-insecure-https-cookies-and-their-risks/
  75. https://heimdalsecurity.com/blog/what-is-transport-layer-security/
  76. https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Evolution_of_HTTP
  77. https://www.jefftk.com/p/history-of-https-usage
  78. https://www.globalsign.com/en/blog/history-internet-development-pki
  79. https://infinitydomainhosting.com/kb/who-invented-ssl/
  80. https://www.feistyduck.com/ssl-tls-and-pki-history/
  81. https://www.thesslstore.com/blog/ssl-and-tls-versions-celebrating-30-years-of-history/
  82. https://www.rfc-editor.org/rfc/rfc2246.html
  83. https://datatracker.ietf.org/doc/html/rfc4346
  84. https://datatracker.ietf.org/doc/html/rfc5246
  85. https://datatracker.ietf.org/wg/tls/about/
  86. https://www.rfc-editor.org/rfc/rfc8996.html
  87. https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls
  88. https://letsencrypt.org/2022/02/25/ford-foundation
  89. https://news.umich.edu/how-lets-encrypt-doubled-the-internets-percentage-of-secure-websites-in-four-years/
  90. https://techcrunch.com/2017/02/22/eff-half-the-web-is-now-encrypted/
  91. https://www.seroundtable.com/google-ssl-https-ranking-signal-18966.html
  92. https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
  93. https://thehackernews.com/2018/07/google-chrome-not-secure.html
  94. https://www.eff.org/encrypt-the-web
  95. https://transparencyreport.google.com/https?hl=en
  96. https://ieeexplore.ieee.org/document/8249081/
  97. https://cybersierra.co/blog/certificate-authority-vulnerabilities/
  98. https://www.accessnow.org/wp-content/uploads/archive/docs/Weakest_Link_in_the_Chain.pdf
  99. https://www.wired.com/2011/09/diginotar-bankruptcy/
  100. https://www.enisa.europa.eu/sites/default/files/all_files/Operation_Black_Tulip_v2.pdf
  101. https://www.mozilla.org/en-US/security/advisories/mfsa2011-34/
  102. https://blog.citp.princeton.edu/2010/12/15/flawed-legal-architecture-certificate-authority-trust-model/
  103. https://www.splunk.com/en_us/blog/security/trust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates.html
  104. https://iang.org/ssl/pki_considered_harmful.html
  105. https://www.thousandeyes.com/blog/optimizing-web-performance-tls-1-3
  106. https://www.catchpoint.com/http2-vs-http3/tls1-2-vs-1-3
  107. https://stackoverflow.com/questions/149274/http-vs-https-performance
  108. https://www.tunetheweb.com/blog/http-versus-https-versus-http2/
  109. https://deanhume.com/http-vs-https-performance-comparison/
  110. https://www.hostinger.com/tutorials/http-vs-https
  111. https://lightyear.ai/tips/quic-versus-https
  112. https://www.sslinsights.com/http-vs-https/
Add your contribution
Related Hubs
User Avatar
No comments yet.