Many people are using these terms interchangeably. But the correct term is TLS. Well, let us understand what this TLS is and why we really need it.
Most of us are already aware that HTTP is a plain text protocol which doesn’t have its own transport security mechanisms. In other words, HTTP is a protocol which sends the data to a server and gets a response without any built-in feature or mechanism to protect the data packet against tampering.
To protect our packet which is traveling through HTTP, some sort of secure tunneling is required and that secure tunneling is provided by a protocol called TLS, a.k.a., SSL. Here, HTTP and TLS come together.
Usually, people associate SSL/TLS with encryption, but that is not the only feature SSL provides. There are a few more features, such as -
- Server Authentication – It makes sure that the communication with the right server is made.
- Veracity Protection – It promotes integrity and makes sure that no one in between is reading our data.
- Confidentiality – It makes sure that no one should know what data is being transmitted.
Associating the above features with HTTP makes HTTPS more reliable and authentic. Now, the question arises -- how to achieve this or how to implement this SSL. Wait for my next blog to learn more about SSL certificates.
Happy learning.