Tuesday, February 26, 2008

Eleven Secure web communication Tips

In recent past TECHFREAK sent SMS to its subscribers on Secure web communication. Following are the selected Tips. Rememebr , these tips are sent via SMS services , where charater limit is only 140 characters.
11 . A session is specific to the webuser and for each user a newsession is created to track all the request from that user.
10. HTTP is statless protocol,by implementing HTTP SessionManagement,websites manages& tracks HTTP states & conns.
9. 128 bit SSL encryption in HTTPS is diehard to break thats, whybank,creditcard e-com sites prefer it.IE5.5+,Firefox 1.0+ supports 128bitenc.
8. Part 1/2: Man-in-the-middle attack(MITM):In which an attacker is able toread,insert, modify the data between two parties.
7. Part 2/2: ...without either party knowing that the link between them hasbeen compromised.HTTPS prevent it by using encryption.
6. When request Send via https, browser's HTTPS layer encrypts it.The responfrm server also encrypted & browser's HTTPS sublayer deccrypt it.
5. QUIZ.What makes HTTPS secure....?Answer: Encryption of data using SecureSocket Layer
4. HTTP typically uses port 80 , while HTTPS uses port 443.These setting canbe changed at webserver level.
3. Https is not separate protocol.It is basically a HTTP over an encryptedSecure Sockets Layer(SSL)or Transport Layer Security(TLS)conection.
2. Difference between HTTP & HTTPS? Ans-1:HTTP is Stateless Protocol,whileHTTPS is Stateful.
1. HTTP is termed as stateless protocol becauz each command is executedindependently without any knowledge of the commands that came before it.

Please post your comments

No comments: