HTTPS — Technology Wiki

Overview

Direct Answer

HTTPS is the encrypted version of HTTP that layers the TLS (Transport Layer Security) protocol over standard HTTP communication, ensuring data confidentiality, integrity, and server authentication. It uses asymmetric cryptography during handshake and symmetric encryption for subsequent session data.

How It Works

The protocol initiates a TLS handshake where the client and server exchange certificates and agree on encryption algorithms before any application data is transmitted. The server presents a certificate signed by a trusted certificate authority, enabling the client to verify authenticity. All subsequent HTTP requests and responses are encrypted using the negotiated symmetric key.

Why It Matters

Organisations require encrypted connections to protect sensitive data in transit, comply with regulations such as GDPR and PCI-DSS, and maintain user trust. Search engines prioritise secure sites in rankings, whilst browsers display security warnings for unencrypted connections, creating commercial and user experience incentives.

Common Applications

Financial institutions use HTTPS for online banking and payment processing; healthcare providers protect patient data transmission; e-commerce platforms secure customer transactions and credentials. Content management systems, email services, and government portals universally adopt the protocol.

Key Considerations

HTTPS introduces modest computational overhead and latency during the TLS handshake, though modern optimisations such as session resumption mitigate this. Certificate management, expiration tracking, and organisational PKI infrastructure require operational discipline to prevent service disruption.

Cross-References(1)

Networking & Communications

HTTP

Related in Protocols & Standards

Computer Network

A collection of interconnected computing devices that share resources and communicate using standardised protocols.

TCP/IP

Transmission Control Protocol/Internet Protocol — the fundamental communication protocol suite powering the internet.

HTTP

Hypertext Transfer Protocol — the application-layer protocol for transmitting hypermedia documents on the World Wide Web.

DNS

Domain Name System — the hierarchical system that translates human-readable domain names into numerical IP addresses.

IP Address

A unique numerical label assigned to each device connected to a computer network for identification and routing.

IPv6

The most recent version of the Internet Protocol, providing a vastly larger address space than IPv4.

Subnet

A logical subdivision of an IP network that improves security and performance by segmenting traffic.

Software-Defined Networking

An approach to networking that uses software-based controllers to manage network behaviour centrally.

Wi-Fi 6

The sixth generation of Wi-Fi technology offering improved speed, capacity, and performance in dense environments.

Network Latency

The time delay between sending and receiving data across a network, measured in milliseconds.

Bandwidth

The maximum rate of data transfer across a network path, typically measured in bits per second.

Throughput

The actual rate of successful data transfer across a network in a given time period.

More in Networking & Communications

Network Resilience

Protocols & Standards

The ability of a network to maintain acceptable service levels despite faults, challenges, and threats.

Network Segmentation

Network Security

Dividing a computer network into smaller subnetworks to improve security and performance.

5G

Infrastructure

The fifth generation of mobile network technology offering higher speeds, lower latency, and massive device connectivity.

NAT

Protocols & Standards

Network Address Translation — a method of mapping one IP address space into another by modifying packet headers.

mTLS

Protocols & Standards

Mutual Transport Layer Security — a protocol where both client and server authenticate each other using certificates.

Network Function Virtualisation

Cloud Networking

Replacing dedicated network hardware with software running on commodity servers.

VLAN

Infrastructure

Virtual Local Area Network — a logical grouping of network devices that communicate as if on the same physical network.

Proxy Server

Infrastructure

An intermediary server that forwards requests between clients and other servers, providing security and caching.