the data transmitted by p>HTTP protocol is transmitted in clear text, so anyone can see the transmitted data by grabbing the package, which is obviously unsafe. In 1994, Netscape added HTTP with encryption protocol, and began to add SSL(Secure Socket Layer) on the basis of HTTP. It is called "HTTP over SSL" or "HTTP Secure", which is now known as HTTPS.

TLS(Transport Layer Security protocol) is a new protocol formulated by IETF. TLS1. is based on the SSL3. protocol specification, and is a subsequent version of SSL3. protocol, which can be understood as SSL3.1.

SSL/TLS can be divided into symmetric encryption and asymmetric encryption.

symmetric encryption means that both encryption and decryption use the same KEY (only one key). Common ones are AES-128, AES-192 and AES-256.

asymmetric encryption corresponds to a pair of keys, called private key and public key. After encryption with private key, it needs to be decrypted with public key, and after encryption with public key, it needs to be decrypted with private key. Common ones are RSA, DSA/DSS.

The advantage of symmetric encryption is that it is fast, but the disadvantage is that the key cannot be safely transmitted to the other party under the Internet environment. The advantage of asymmetric encryption is that it can safely transfer the public key to the other party, but the operation speed is slow.

blogs.com/makelu/p/1114824.html ）