It's easy to confuse these terms and use them interchangeably.
Let's look into each one and see how they differ.
What's HTTPS?
HTTPS is the secured version of HTTP: HyperText Transfer Protocol.
HTTP is the protocol used by your browser and web servers to communicate and exchange information.
When that exchange of data is encrypted with SSL/TLS, then we call it HTTPS. The 'S' stands for Secure.
OMG! Wait! Did I say SSL/TLS! Why?
Because it's the precise way to talk about SSL and TLS.
SSL stands for 'Secure Sockets Layer'. A protocol created by Netscape.
SSL is a dinosaur by Internet standards. The first version was never released and version 2 launched with the browser Netscape 1.1 in 1995.
Later that year Netscape released version 3 because version 2 had some major security problems.
We were all happy cats until 1999. Browser wars between Netscape and Microsoft, the need for standards, and Britney Spears - '...Baby One More Time' changed the world as we know it. Fur-ever.
Oops, I did it again.
Netscape gave control of SSL protocol to the IETF: Internet Engineering Task Force.
Before 1999 ended, IETF released TLS version 1.0 (Which was really SSL 3.1).
SSL was renamed to TLS: Transport Layer Security. Creating confusion and chaos still to this day.
Thanks 1999.
TLS 1.0 took off and version 1.1 was released in 2006.
A couple of years later, in 2008, TLS 1.2 was released to address a few flaws and exploits.
However, it's not until 2013 that browsers start to catch up and add support for TLS 1.2.
To add to the confusion, SSL 3.0 was officially deprecated in 2015.
