At this juncture WALLSTREETBEAR depends on the sacrificial giving of its members and supporters. If you have profited either personally or financially from this board you can play an important part in its continuance through a voluntary donation.

You may donate using a PayPal account. WALLSTREETBEAR's paypal link is located at the top of the forum index page. We thank you kindly for showing your support.

 

WallStreetBear Forum Index

Precious Metals
[Most Recent Quotes from www.kitco.com]
Ordinaries
UK
WallStreetBear UKKFTSE
Germany
n
Hong Kong
Japan

Official PayPal Seal



HTTPS stands for HTTP via SSL, the Secure Socket Layer.

The Hyper Text Transfer Protocol, the usual way in which your browser connects to web pages, is an inherently insecure protocol as all information is sent in clear text between unauthenticated peers over an insecure network. It belongs to the group of 'old' protocols like telnet and ftp which are bound to be replaced - or at least enhanced - by transfer protocols which allow authentication and encryption.

HTTPS allows client and server-side authentication via certificates, which have been in turn signed by a Certification Agency. The client's web-browser must support SSL, almost all (Mozilla, MSIE, Konqueror, Opera, Lynx, w3m) do. The server must listen on a port other than 80, usually this is port 443.

Upon connecting to the secure part of a website, signified by 'https://' (thus indicating port 443 instead of port 80), the server and the client negotiate the SSL protocol version to use and a unique session-ID is established. If the certificate presented by the server is unknown to the client, the client is free to accept or reject the certificate. In turn the server can also demand a certificate from the client. Server and client now share a common key which allows them to encrypt and decrypt messages they send to each other. For a far more detailed and accurate introduction, read the excellent mod_ssl user manual.