Page 49 - ITU-T Focus Group Digital Financial Services – Consumer Experience and Protection
P. 49
ITU-T Focus Group Digital Financial Services
Consumer Experience and Protection
B.2.2 HTTP
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia
information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is
structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to
exchange or transfer hypertext.
HTTP functions as a request-response protocol in the client-server computing model. A web browser, for
example, may be the client and an application running on a computer hosting a web site may be the server.
The client submits an HTTP request message to the server. The server, which provides resources such as HTML
files and other content, or performs other functions on behalf of the client, returns a response message to the
client. The response contains completion status information about the request and may also contain requested
content in its message body.
B.2.3 HTTPS
HTTPS (also called HTTP over TLS, [1] [2] HTTP over SSL, [3] and HTTP Secure [4] [5]) is a protocol for
secure communication over a computer network which is widely used on the Internet. HTTPS consists of
communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer
Security or its predecessor, Secure Sockets Layer. The main motivation for HTTPS is authentication of the visited
website and to protect the privacy and integrity of the exchanged data.
In its popular deployment on the internet, HTTPS provides authentication of the website and associated web
server with which one is communicating, which protects against man-in-the-middle attacks. Additionally, it
provides bidirectional encryption of communications between a client and server, which protects against
eavesdropping and tampering with and/or forging the contents of the communication.
41
