HTTPS is a secure extension of the HTTP protocol, the “S” for “Secured” means that data exchanged between the user’s browser and the website are encrypted and cannot be spied on (confidentiality) or tampered with (integrity). Obtaining the sacrosanct “S” involves acquiring and installing an SSL / TLS certificate from a recognized Certification Authority. It will display the HTTPS, the green padlock and the word “Secure” in the browser’s address bar.
There are three principal authentication levels for the issue of the certificates allowing to display the HTTPS:
- Domain Validation (DV) considered as low authentication;
- Organization Validation (OV) with high authentication;
- Extended Validation (EV) with reinforced authentication.
Note: Starting July 2018, with the arrival of Chrome 68, all HTTP websites will be marked as “Not Secure” and HTTPS websites will be marked as “Secure”.