HTTPS, the Glossary
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP).[1]
Table of Contents
100 relations: Address bar, Android (operating system), Application layer, Authentication, Black Hat Briefings, Block cipher mode of operation, Bullrun (decryption program), Captive portal, Certificate authority, Certificate revocation list, Chosen-ciphertext attack, Chromium (web browser), Cipher, Cipher suite, Ciphertext, Client certificate, Communication protocol, Communications security, Comodo Cybersecurity, Computer network, Computer security, Data integrity, Dialog box, Diffie–Hellman key exchange, Eavesdropping, Electronic Frontier Foundation, Elliptic-curve Diffie–Hellman, Encryption, Extended Validation Certificate, Firefox, Forward secrecy, Google Chrome, HTTP, HTTP cookie, HTTP Strict Transport Security, HTTP/2, HTTP/3, HTTPS Everywhere, If and only if, Implementation, Indiana University Bloomington, Information privacy, Institute of Electrical and Electronics Engineers, Internet, Internet Engineering Task Force, Internet Explorer, Internet Explorer 7, Internet filter, Internet protocol suite, Let's Encrypt, ... Expand index (50 more) »
- Hypertext Transfer Protocol
- URI schemes
Address bar
In a web browser, the address bar (also location bar or URL bar) is the element that shows the current URL.
Android (operating system)
Android is a mobile operating system based on a modified version of the Linux kernel and other open-source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
See HTTPS and Android (operating system)
Application layer
An application layer is an abstraction layer that specifies the shared communication protocols and interface methods used by hosts in a communications network.
See HTTPS and Application layer
Authentication
Authentication (from authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of proving an assertion, such as the identity of a computer system user.
Black Hat Briefings
Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world.
See HTTPS and Black Hat Briefings
Block cipher mode of operation
In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity.
See HTTPS and Block cipher mode of operation
Bullrun (decryption program)
Bullrun (stylized BULLRUN) is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA).
See HTTPS and Bullrun (decryption program)
Captive portal
A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources.
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. HTTPS and certificate authority are transport Layer Security.
See HTTPS and Certificate authority
Certificate revocation list
In cryptography, a certificate revocation list (CRL) is "a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted". HTTPS and certificate revocation list are transport Layer Security.
See HTTPS and Certificate revocation list
Chosen-ciphertext attack
A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis where the cryptanalyst can gather information by obtaining the decryptions of chosen ciphertexts.
See HTTPS and Chosen-ciphertext attack
Chromium (web browser)
Chromium is a free and open-source web browser project, primarily developed and maintained by Google.
See HTTPS and Chromium (web browser)
Cipher
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure.
See HTTPS and Cipher
Cipher suite
A cipher suite is a set of algorithms that help secure a network connection. HTTPS and cipher suite are secure communication and transport Layer Security.
Ciphertext
In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher.
Client certificate
In cryptography, a client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server.
See HTTPS and Client certificate
Communication protocol
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any variation of a physical quantity.
See HTTPS and Communication protocol
Communications security
Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients.
See HTTPS and Communications security
Comodo Cybersecurity
Xcitium, formerly known as Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey.
See HTTPS and Comodo Cybersecurity
Computer network
A computer network is a set of computers sharing resources located on or provided by network nodes.
See HTTPS and Computer network
Computer security
Computer security (also cybersecurity, digital security, or information technology (IT) security) is the protection of computer systems and networks from threats that may result in unauthorized information disclosure, theft of (or damage to) hardware, software, or data, as well as from the disruption or misdirection of the services they provide. HTTPS and computer security are secure communication.
See HTTPS and Computer security
Data integrity
Data integrity is the maintenance of, and the assurance of, data accuracy and consistency over its entire life-cycle.
Dialog box
The dialog box (also called message box or simply dialog) is a graphical control element in the form of a small window that communicates information to the user and prompts them for a response.
Diffie–Hellman key exchange
Diffie–Hellman (DH) key exchangeSynonyms of Diffie–Hellman key exchange include.
See HTTPS and Diffie–Hellman key exchange
Eavesdropping
Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent in order to gather information.
Electronic Frontier Foundation
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California.
See HTTPS and Electronic Frontier Foundation
Elliptic-curve Diffie–Hellman
Elliptic-curve Diffie–Hellman (ECDH) is a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel.
See HTTPS and Elliptic-curve Diffie–Hellman
Encryption
In cryptography, encryption is the process of transforming (more specifically, encoding) information in a way that, ideally, only authorized parties can decode.
Extended Validation Certificate
An Extended Validation Certificate (EV) is a certificate conforming to X.509 that proves the legal entity of the owner and is signed by a certificate authority key that can issue EV certificates. HTTPS and Extended Validation Certificate are transport Layer Security.
See HTTPS and Extended Validation Certificate
Firefox
Mozilla Firefox, or simply Firefox, is a free and open source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation.
Forward secrecy
In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key-agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised, limiting damage. HTTPS and forward secrecy are transport Layer Security.
Google Chrome
Google Chrome is a web browser developed by Google.
HTTP
HTTP (Hypertext Transfer Protocol) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTPS and HTTP are Hypertext Transfer Protocol.
See HTTPS and HTTP
HTTP cookie
HTTP cookies (also called web cookies, Internet cookies, browser cookies, or simply cookies) are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser.
HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) is a policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. HTTPS and HTTP Strict Transport Security are transport Layer Security.
See HTTPS and HTTP Strict Transport Security
HTTP/2
HTTP/2 (originally named HTTP/2.0) is a major revision of the HTTP network protocol used by the World Wide Web. HTTPS and HTTP/2 are Hypertext Transfer Protocol.
See HTTPS and HTTP/2
HTTP/3
HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web, complementing the widely-deployed HTTP/1.1 and HTTP/2. HTTPS and HTTP/3 are Hypertext Transfer Protocol.
See HTTPS and HTTP/3
HTTPS Everywhere
HTTPS Everywhere is a discontinued free and open-source browser extension for Google Chrome, Microsoft Edge, Mozilla Firefox, Opera, Brave, Vivaldi and Firefox for Android, which was developed collaboratively by The Tor Project and the Electronic Frontier Foundation (EFF). HTTPS and HTTPS Everywhere are secure communication and transport Layer Security.
See HTTPS and HTTPS Everywhere
If and only if
In logic and related fields such as mathematics and philosophy, "if and only if" (often shortened as "iff") is paraphrased by the biconditional, a logical connective between statements.
Implementation
Implementation is the realization of an application, execution of a plan, idea, model, design, specification, standard, algorithm, policy, or the administration or management of a process or objective.
Indiana University Bloomington
Indiana University Bloomington (IU Bloomington, Indiana University, IU, or simply Indiana) is a public research university in Bloomington, Indiana.
See HTTPS and Indiana University Bloomington
Information privacy
Information privacy is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, contextual information norms, and the legal and political issues surrounding them.
See HTTPS and Information privacy
Institute of Electrical and Electronics Engineers
The Institute of Electrical and Electronics Engineers (IEEE) is an American 501(c)(3) professional association for electronics engineering, electrical engineering, and other related disciplines.
See HTTPS and Institute of Electrical and Electronics Engineers
Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices.
Internet Engineering Task Force
The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP).
See HTTPS and Internet Engineering Task Force
Internet Explorer
Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated as IE or MSIE) is a retired series of graphical web browsers developed by Microsoft that were used in the Windows line of operating systems.
See HTTPS and Internet Explorer
Internet Explorer 7
Windows Internet Explorer 7 (IE7) (codenamed Rincon) is a web browser for Windows.
See HTTPS and Internet Explorer 7
Internet filter
An Internet filter is software that restricts or controls the content an Internet user is capable to access, especially when utilized to restrict material delivered over the Internet via the Web, Email, or other means.
Internet protocol suite
The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria.
See HTTPS and Internet protocol suite
Let's Encrypt
Let's Encrypt is a non-profit certificate authority run by Internet Security Research Group (ISRG) that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge. HTTPS and Let's Encrypt are secure communication and transport Layer Security.
List of TCP and UDP port numbers
This is a list of TCP and UDP port numbers used by protocols for operation of network applications.
See HTTPS and List of TCP and UDP port numbers
Malware
Malware (a portmanteau of malicious software)Tahir, R. (2018).
Man-in-the-middle attack
In cryptography and computer security, a man-in-the-middle (MITM) attack, or on-path attack, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two user parties. HTTPS and man-in-the-middle attack are transport Layer Security.
See HTTPS and Man-in-the-middle attack
Mass surveillance
Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens.
See HTTPS and Mass surveillance
Metadata (or metainformation) is "data that provides information about other data", but not the content of the data itself, such as the text of a message or the image itself.
Microsoft
Microsoft Corporation is an American multinational corporation and technology company headquartered in Redmond, Washington.
Microsoft Docs
Microsoft Docs was a library of technical documentation for end users, developers, and IT professionals who work with Microsoft products.
Microsoft Research
Microsoft Research (MSR) is the research subsidiary of Microsoft.
See HTTPS and Microsoft Research
Mozilla Foundation
The Mozilla Foundation (stylized as moz://a) is an American non-profit organization that exists to support and collectively lead the open source Mozilla project.
See HTTPS and Mozilla Foundation
National Security Agency
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI).
See HTTPS and National Security Agency
Netscape
Netscape Communications Corporation (originally Mosaic Communications Corporation) was an American independent computer services company with headquarters in Mountain View, California, and then Dulles, Virginia.
Netscape Navigator
Netscape Navigator is a discontinued web browser, and the original browser of the Netscape line, from versions 1 to 4.08, and 9.x. It was the flagship product of the Netscape Communications Corp and was the dominant web browser in terms of usage share in the 1990s, but by around 2003 its user base had all but disappeared.
See HTTPS and Netscape Navigator
Online Certificate Status Protocol
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. HTTPS and Online Certificate Status Protocol are cryptographic protocols and transport Layer Security.
See HTTPS and Online Certificate Status Protocol
Opera (web browser)
Opera is a multi-platform web browser developed by its namesake company Opera.
See HTTPS and Opera (web browser)
Opportunistic encryption
Opportunistic encryption (OE) refers to any system that, when connecting to another system, attempts to encrypt communications channels, otherwise falling back to unencrypted communications.
See HTTPS and Opportunistic encryption
Packet analyzer
A packet analyzer, also known as packet sniffer, protocol analyzer, or network analyzer, is a computer program or computer hardware such as a packet capture appliance that can analyze and log traffic that passes over a computer network or part of a network.
Packet injection
Packet injection (also known as forging packets or spoofing packets) in computer networking, is the process of interfering with an established network connection by means of constructing packets to appear as if they are part of the normal communication stream.
See HTTPS and Packet injection
Plaintext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms.
Port (computer networking)
In computer networking, a port or port number is a number assigned to uniquely identify a connection endpoint and to direct data to a specific service.
See HTTPS and Port (computer networking)
Public key certificate
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key.
See HTTPS and Public key certificate
Public-key cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. HTTPS and Public-key cryptography are cryptographic protocols.
See HTTPS and Public-key cryptography
QUIC
QUIC is a general-purpose transport layer network protocol initially designed by Jim Roskind at Google.
See HTTPS and QUIC
Root certificate
In cryptography and computer security, a root certificate is a public key certificate that identifies a root certificate authority (CA). HTTPS and root certificate are transport Layer Security.
See HTTPS and Root certificate
Safari (web browser)
Safari is a web browser developed by Apple.
See HTTPS and Safari (web browser)
Secure cookie
Secure cookies are a type of disable HTTP cookie that have Secure attribute set, which limits the scope of the cookie to "secure" channels (where "secure" is defined by the user agent, typically web browser).
Secure Hypertext Transfer Protocol
Secure Hypertext Transfer Protocol (S-HTTP) is an obsolete alternative to the HTTPS protocol for encrypting web communications carried over the Internet. HTTPS and Secure Hypertext Transfer Protocol are cryptographic protocols and Hypertext Transfer Protocol.
See HTTPS and Secure Hypertext Transfer Protocol
Server Name Indication
Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. HTTPS and Server Name Indication are secure communication and transport Layer Security.
See HTTPS and Server Name Indication
Session key
A session key is a single-use symmetric key used for encrypting all messages in one communication session.
Side-channel attack
In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or minor, but potentially devastating, mistakes or oversights in the implementation.
See HTTPS and Side-channel attack
Softpedia
Softpedia is a software and tech news website based in Romania.
SPDY
SPDY (pronounced "speedy") is an obsolete open-specification communication protocol developed for transporting web content.
See HTTPS and SPDY
Stunnel
Stunnel is an open-source multi-platform application used to provide a universal TLS/SSL tunneling service.
Supply chain attack
A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain.
See HTTPS and Supply chain attack
The Tor Project
The Tor Project, Inc. is a 501(c)(3) research-education nonprofit organization based in Winchester, Massachusetts.
Tor (network)
Tor is a free overlay network for enabling anonymous communication.
Traffic analysis
Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication.
See HTTPS and Traffic analysis
Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. HTTPS and Transport Layer Security are cryptographic protocols.
See HTTPS and Transport Layer Security
Uniform Resource Identifier
A Uniform Resource Identifier (URI), formerly Universal Resource Identifier, is a unique sequence of characters that identifies an abstract or physical resource, such as resources on a webpage, mail address, phone number, books, real-world objects such as people and places, concepts.
See HTTPS and Uniform Resource Identifier
URL
A uniform resource locator (URL), colloquially known as an address on the Web, is a reference to a resource that specifies its location on a computer network and a mechanism for retrieving it. HTTPS and URL are internet properties established in 1994 and URI schemes.
See HTTPS and URL
Web browser
A web browser is an application for accessing websites.
Web crawler
A Web crawler, sometimes called a spider or spiderbot and often shortened to crawler, is an Internet bot that systematically browses the World Wide Web and that is typically operated by search engines for the purpose of Web indexing (web spidering).
Web of trust
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner.
Web server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS.
Website
A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server.
Wi-Fi
Wi-Fi is a family of wireless network protocols based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves.
See HTTPS and Wi-Fi
Windows Vista
Windows Vista is a major release of the Windows NT operating system developed by Microsoft.
Wireless LAN
A wireless LAN (WLAN) is a wireless computer network that links two or more devices using wireless communication to form a local area network (LAN) within a limited area such as a home, school, computer laboratory, campus, or office building.
World Wide Web
The World Wide Web (WWW or simply the Web) is an information system that enables content sharing over the Internet through user-friendly ways meant to appeal to users beyond IT specialists and hobbyists.
X.509
In cryptography, X.509 is an International Telecommunication Union (ITU) standard defining the format of public key certificates. HTTPS and X.509 are cryptographic protocols.
See HTTPS and X.509
2010s global surveillance disclosures
During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals.
See HTTPS and 2010s global surveillance disclosures
See also
Hypertext Transfer Protocol
- Atdmt
- BOSH (protocol)
- Basic access authentication
- Byte serving
- Cache Array Routing Protocol
- CardDAV
- Comparison of CalDAV and CardDAV implementations
- Constrained Application Protocol
- Content negotiation
- Dave Raggett
- Digest access authentication
- Domain Application Protocol
- Dynamic Adaptive Streaming over HTTP
- HAR (file format)
- HTTP
- HTTP Live Streaming
- HTTP compression
- HTTP message body
- HTTP parameter pollution
- HTTP persistent connection
- HTTP pipelining
- HTTP tunnel
- HTTP/2
- HTTP/2 Server Push
- HTTP/3
- HTTPS
- Henrik Frystyk Nielsen
- High Efficiency Streaming Protocol
- Httperf
- Link prefetching
- Linked Data Platform
- MMCache
- PATCH (HTTP)
- POST (HTTP)
- REST
- Roy Fielding
- Salmon (protocol)
- Secure Hypertext Transfer Protocol
- Tim Berners-Lee
- Web cache
- Web-based SSH
- WebDAV
- Webhook
- Well-known URI
URI schemes
- About URI scheme
- Acct URI scheme
- Bistro Framework
- Blob URI scheme
- CURIE
- Content reference identifier
- Data URI scheme
- Ed2k URI scheme
- Extensible Resource Identifier
- Feed URI scheme
- File URI scheme
- Geo URI scheme
- Gopher (protocol)
- HTTP referer
- HTTPS
- Identifiers.org
- Info URI scheme
- LSID
- Lex (URN)
- List of URI schemes
- Magnet URI scheme
- Mailto
- Percent-encoding
- Persistent uniform resource locator
- SIP URI scheme
- Tag URI scheme
- Telnet
- URI fragment
- URL
- Uniform Resource Characteristic
- Uniform Resource Name
- View-source URI scheme
- WYCIWYG
- Webcal
- Well-known URI
References
[1] https://en.wikipedia.org/wiki/HTTPS
Also known as HTTP SSL, HTTP Secure, HTTP TLS, HTTP over SSL, HTTP over TLS, HTTPS Secure, HTTPS URI, HTTPS URL, HTTPS connection, HTTPS encryption, HTTPS web, HTTPS website, HTTPS:/, HTTPS://, HTTTPS, Htpps, Htps:, Htps://, Https scheme, Https., Https:, Https: URI scheme, Https;, HyperText Transfer Protocol with Privacy, Hypertext Transfer Protocol (Secure), Hypertext Transfer Protocol Secure, Hypertext Transfer Protocol over Secure Socket Layer, Neverssl.com, Port 443, Secure Server, Secure Servers, Secure website.
, List of TCP and UDP port numbers, Malware, Man-in-the-middle attack, Mass surveillance, Metadata, Microsoft, Microsoft Docs, Microsoft Research, Mozilla Foundation, National Security Agency, Netscape, Netscape Navigator, Online Certificate Status Protocol, Opera (web browser), Opportunistic encryption, Packet analyzer, Packet injection, Plaintext, Port (computer networking), Public key certificate, Public-key cryptography, QUIC, Root certificate, Safari (web browser), Secure cookie, Secure Hypertext Transfer Protocol, Server Name Indication, Session key, Side-channel attack, Softpedia, SPDY, Stunnel, Supply chain attack, The Tor Project, Tor (network), Traffic analysis, Transport Layer Security, Uniform Resource Identifier, URL, Web browser, Web crawler, Web of trust, Web server, Website, Wi-Fi, Windows Vista, Wireless LAN, World Wide Web, X.509, 2010s global surveillance disclosures.