Well if https is more secured why not use https and dump http , we just find https while logging and money transfer , why not for normal use such as https://answers.yahoo.com
2007-06-04 12:12:12 · 0 answers · asked by urtraced 2 in Computers & Internet ➔ Security
There are a couple of reasons first let me explain the differance:
http send everything you do in plan text for any one to read.
https encrypts everything you do so that no one can read what you type but the recipient.
The problem with encrypting data is that you cant just encrypt it and say only yahoo can read it. Both you and yahoo have to have a secret key so that yahoo can decrypt what you sent and encrypt private stuff for you to read.
This is accomplised by an encryption scheme known as public key. Yahoo puts out a public key so that every one can encrypt stuff that only yahoo can read its like a one way key: you can package stuff up and send it to yahoo so that they can read it with theire private key but some one with a public key cant see what you encrypted.
So you package up a key for yahoo to use to talk to you and you are all set.
WHY ALL internet communication isn't done like this is because of what is known as the man in the middle attack, and its solution.
It's quite simply to pretend to be yahoo.com if you know what you doing. so I pretend to be yahoo and all traffic you think is going to yahoo comes to me. you ask me for my public key I respond back with an fake public private key pair that I made then I ask yahoo for there public key and every thing you to I do I just watch for anything interesting like Credit cards etc, an you are non the wiser.
We solved this problem by using what is called a certificate authority. A CA is some one who you pay to vouch for you; Verisign and GoDaddy are the biggest. So everytime you make a https connection to amazon you go to a CA and they comeback with amazons public key. And every thing is hunky doory. With the exception that this slowed you down considerable yahoo.com has to pay a CA bill every month, and joesmoh.com has to go through a lot of rigormarol to set all this up.
And finally I will answer your question:
So the reason is it would make every thing slow more expensive and more complicated to use exclusively https.
Plus tying to get information from internet traffic once it is out of your local network is like trying to car jack someone on free way going 500 miles an hour.
enough security for you typical fried chicken recipe.
Complicated answer but you asked a complicated question.
2007-06-04 12:41:40 · answer #1 · answered by Jim C 2 · 10⤊ 0⤋
Http Vs Https
2016-10-06 03:51:54 · answer #2 · answered by ? 4 · 0⤊ 0⤋
It is much more expensive to maintain a server that is encrypted (HTTPS) than a non-encrypted one (HTTP). It is more cost effective to use HTTP for websites that don't need the extra security.
2007-06-04 12:21:07 · answer #3 · answered by Blueconno 2 · 0⤊ 0⤋
It is more expensive. Requires a secure socket layer to implement and an encryption algorithm to encrypt the password and login.
Why would you need that much security for Yahoo answers, which is an open forum?
2007-06-04 12:18:43 · answer #4 · answered by Anonymous · 0⤊ 0⤋
i've been browsing online more than four hours today looking for answer to the same question, but I haven't found a more interesting debate like this. It's pretty worth enough for me.
2016-08-24 04:40:08 · answer #5 · answered by Anonymous · 0⤊ 0⤋
It is slower and requires a secure server and therefore would be much more expensive. Browsing doesn't require secure socket layer.
2007-06-04 12:19:43 · answer #6 · answered by Anonymous · 0⤊ 0⤋
Perhaps, but I'm not 100% on it
2016-07-29 06:58:46 · answer #7 · answered by Anonymous · 0⤊ 0⤋
It is probably because it is more expensive to do than the HTTP.
2007-06-04 12:17:08 · answer #8 · answered by Elton and Laura fan 3 · 0⤊ 0⤋