I've heard that HTTPS is connection-oriented but have not been able to confirm this. Doesn't it depend on whether it is based on HTTP 1.0 or 1.1? If someone could point out a reference on the web for this I would appreciate it. Thanks, John
The only reason for time is so that everything doesn't happen all at once.
- Buckaroo Banzai
HTTPS is a seperate distinct protocal from HTTP. It has the features of HTTP 1.1 but extends it to allow a connection-oriented state and allow for 40 or 128 bit encryption. You can confirm the connection by turning on the security warnings in your browser. It will then notify you when a HHTPS connection is established and when it is closed.
Thanks, Carl. Does your use of the word "allow" in your answer (It has the features of HTTP 1.1 but extends it to allow a connection-oriented state and allow for 40 or 128 bit encryption.)imply that you can use HTTPS in either a connectionless or connection-oriented manner? John
Joined: Jun 13, 2000
Actually I guess allow was a poor choice of words, it will allways be connection oreinted. Part of the protocal established the connection and agrees on a remote random key to do the encryption. Thats part of the reason the connection is maintained. All communications between the two will use this key until the connection is closed. Establishing this key is fairly expensive in internet terms so....