Talk:Hypertext Transfer Protocol over Secure Socket Layer

From Wikipedia, the free encyclopedia

Contents 1 To do 1.1 Name-based virtual hosting 2 Headline text 2.1 Adecco website redirects here! 3 Can't view this article 4 Out-of-place text that I cannot delete 5 Diagram & How It REALLY Works? 6 difference between SFTP & HTTPS 7 External Link Proposal 8 Spam links? 9 HTPS redirect 10 Speed? When using HTTPS 11 vs Comcast 12 Capitalization

[edit] To do

To do:

• mention the virtual hosting IP address problem: how does SSL/TLS know which cert to present?
• mention the HTTP to SHTTP boosting solution: but not yet widely deployed

The Anome 17:46 Feb 24, 2003 (UTC)

I came here looking for how to write web pages that use HTTPS. Is there an HTML keyword? Did not get any help. Would be nice if there was a pointer to that information.

HTML and HTTP are two different things. HTML is a markup language and HTTP is a protocol which can be used to transport html to a web browser. Your HTML will not look any different whether being transported via HTTP or HTTPS.

I don't have a pointer but no, it doesn't depend on HTML. The client can initiate HTTPS by using an https: URL, and/or you can configure virtual directories on your Web server to require HTTPS. Yaron 20:45, May 17, 2005 (UTC)

[edit] Name-based virtual hosting

The article says:

(This is subject to change in the upcoming TLS 1.1, which will enable name-based virtual hosting. As of December 2006, all major web browsers support TLS's Server Name Indication feature, but the feature is not widely used by web sites.)

However, there are no details nor pointers on this subject. Either one would be appreciated. -- Ernstdehaan 14:29, 16 May 2007 (UTC)

[edit] Headline text

[edit] Adecco website redirects here!

Why does this page keep coming up every time I access a Job registration page? I dont give a hoot about https; get the thing off.

Because Adecco's web coders are morons. If you're using Firefox, it gives you this page instead of their application form for some weird reason.

If you type just "https" (or any other non-url) into your URL bar in firefox, firefox types it into the search at google.com and presses the I'm feeling lucky button, which takes you to the first match of the search. Google's first match for "https" is the wikipedia page, so you are redirected there. Adecco must have made a mistake in their link coding to cause this. Blame them, not wikipedia. Rjmunro 15:46, 15 September 2006 (UTC)

[edit] Can't view this article

I can't view the article directly from here, as it gives me the "Wikipedia does not have an article with this exact name" box. I can, however view it through it's history by looking at the diff between the current version and the last one. --Sivius ^T-C 20:59, 17 September 2006 (UTC)

Not reproducible. -- Ernstdehaan 14:30, 16 May 2007 (UTC)

[edit] Out-of-place text that I cannot delete

I see the following text on a separate line just below the first paragraph of this article:

sales assistant where house security

I tried to edit the article, to get rid of it, but it doesn't appear on the "edit this page" page. Maybe if someone else knows how, they could clean it up. Thanks. —The preceding unsigned comment was added by 75.5.96.236 (talk) 00:05, 16 February 2007 (UTC).

UPDATE - Nevermind. Somebody took care of it, and I was still seeing it. A friend clued me in to "control-r", which refreshed the bogus text out of existence.

[edit] Diagram & How It REALLY Works?

It would be great to see a state diagram of how the secure connection is made and at which point the HTTP request is actually sent to the server. The current "How It Works" section really doesn't describe it very well. --Lance E Sloan 19:40, 26 February 2007 (UTC)

Well, the article does say that https is just an use of the SSL/TLS protocol. How TLS works is explained on that article, at Transport Layer Security#How it works. Was this more useful? Any ideas how to make it more obvious? (I've currently added a "for details, see ..." link to the article) -- intgr 20:21, 26 February 2007 (UTC)

Someone please add a sequence diagram for communications over HTTPS. A simple diagram should do. ddas|edEn (talk) 08:32, 4 March 2008 (UTC)

[edit] difference between SFTP & HTTPS

What are the differences between SFTP & HTTPS? —The preceding unsigned comment was added by 15.227.137.71 (talk) 10:36, 15 March 2007 (UTC).

It is the same difference as FTP & HTTP, only now they are bot secure. HTTP is used for visiting websites, FTP is a file transfer protocol. 213.73.219.133 09:19, 18 May 2007 (UTC)

Actually, I think SFTP uses a different underlying protocol. 171.71.37.29 20:29, 4 October 2007 (UTC)

sftp != ftps, ftps is ftp over ssl just like https is http over ssl. sftp is a system for transfering files over a ssh session. Plugwash 22:42, 4 October 2007 (UTC)

[edit] External Link Proposal

Why are the bottom 4 links in the following list considered spam? I checked each one of them individually and they all appear to be well-suited..

[edit] Spam links?

• MSDN documentation of the Secure Channel API
• SSL Introductory Tutorial

What do you think? Any of these a good match for this page? I'm still a newbie so..

Produke 22:59, 25 March 2007 (UTC)

[edit] HTPS redirect

Why does HTPS redirect here? I was hoping to find more information about a display technology in LCD projectors. 194.7.161.130 08:22, 4 September 2007 (UTC)

Obviously it's a misspelling of "HTTPS"; it wouldn't interfere with the creation of an article about HTPS, just nobody has written it yet. -- intgr ^#%@! 11:54, 4 September 2007 (UTC)

[edit] Speed? When using HTTPS

Can it increase your speed somewhat? LOTRrules 15:41, 27 September 2007 (UTC)

Wikipedia talk pages are for discussing changes to the article, Wikipedia is not a forum.

Short answer: no. Longer answer: unlikely, but depends on whether your ISP, upstream routers or whatever is doing more throttling on normal HTTP traffic than HTTPS. -- intgr [talk] 16:38, 28 September 2007 (UTC)

[edit] vs Comcast

A lesser-known effect of Comcast's traffic shaping is that they completely block incoming http requests (i.e. they apparently regard http servers as being worse than torrents). Does https obfuscate the http request so that Comcast treats the packets the same as they would for other protocols? Ham Pastrami (talk) 11:26, 19 February 2008 (UTC)

[edit] Capitalization

Why does the HTTP article capitalize the abbreviation while this article lower-cases the HTTPS abbreviation? I would have expected the abbreviation to be all uppercase when used as a word and all lowercase when used as a protocol-prefix (i.e, when the colon follows it), i.e., HTTPS vs. https:.

-Andreas Toth (talk) 22:06, 19 February 2008 (UTC)

The short version: http and https are protocol identifiers. HTTP is a protocol. HTTPS doesn't exist. The long version: in Netscape's original specification for SSL and related RFCs, "https" is only used in the context of a URI. The protocol itself is usually referred to as "HTTP over SSL" or "HTTP/SSL". In modern context the actual protocol being used is just as likely to be HTTP/TLS. "https" is merely a mnemonic chosen for security-enhanced HTTP. The actual protocol used to implement enhanced security is subject to change. Netscape could just as easily have chosen "asdf://" to signify HTTP/SSL and then this answer might be better understood, though the identifier wouldn't be! Ham Pastrami (talk) 02:07, 20 February 2008 (UTC)