Return to site

Click Here To View Html Version

broken image


News | HTTPActivity | Specs | Software| Talks | Mailing lists | IETF | HTTP Extensions |WebMux | HTTP-NG | Web Characterization | Background

JavaScript version checking. Please enable JavaScript to continue using this application. Please enable JavaScript to continue using this application. Read our knowledge base or click the questionmarks in the bottom-right corner of each panel if you need help! Bear this in mind! Never forget to backup and save your code before processing it with this HTML converter to make sure you can revert back to the original version in. Many Internet Web sites contain JavaScript, a scripting programming language that runs on the web browser to make specific features on the web page functional. If JavaScript has been disabled within your browser, the content or the functionality of the web page can be limited or unavailable.

Now that both HTTP extensions and HTTP/1.1 are stable specifications (RFC2616 at that time), W3Chas closed the HTTP Activity.

An effort to revise HTTP/1.1 started in 2006, which led to the creation of the IETF httpbisWorking Group. Work completed with the publication of RFC 723X (See below)

  • 2014-06 RFC 723X published Along with: And related specifications:
  • 2014-02: drafts -26 of the revised HTTP/1.1 specifications
  • 2013-11: drafts -25 of the revised HTTP/1.1 specifications
  • 2013-09: drafts -24 of the revised HTTP/1.1 specifications
  • 2013-07: drafts -23 of the revised HTTP/1.1 specifications
  • 2013-03: drafts -22 of the revised HTTP/1.1 specifications
  • 2012-10: drafts -21 of the revised HTTP/1.1 specifications
  • 2012-07: drafts -20 of the revised HTTP/1.1 specifications
  • 2012-03: drafts -19 of the revised HTTP/1.1 specifications
  • 2012-01: drafts -18 of the revised HTTP/1.1 specifications
  • 2011-10: drafts -17 of the revised HTTP/1.1 specifications
  • 2011-06: drafts -16 of the revised HTTP/1.1 specifications
  • 2011-07: drafts -15 of the revised HTTP/1.1 specifications
  • 2011-06: draft-ietf-httpbis-content-disp published as RFC 6266
  • 2011-04: drafts -14 of the revised HTTP/1.1 specifications
  • 2011-03: drafts -13 of the revised HTTP/1.1 specifications
  • 2010-10: drafts -12 of the revised HTTP/1.1 specifications
  • 2010-08: drafts -11 of the revised HTTP/1.1 specifications
  • 2010-07: drafts -10 of the revised HTTP/1.1 specifications
  • 2010-03: drafts -09 of the revised HTTP/1.1 specifications
  • 2009-11: drafts -08 of the revised HTTP/1.1 specifications
  • 2009-07: drafts -07 of the revised HTTP/1.1 specifications
  • 2009-03: drafts -06 of the revised HTTP/1.1 specifications
  • 2008-11: drafts -05 of the revised HTTP/1.1 specifications
  • 2008-08: draft -00 of Initial Hypertext Transfer Protocol (HTTP) Method Registrations
  • 2008-08: drafts -04 of the revised HTTP/1.1 specifications
  • 2008-07: draft -02 of Security Requirements for HTTP
  • 2008-06: drafts -03 of the revised HTTP/1.1 specifications
  • 2008-02: drafts -02 of the revised HTTP/1.1 specifications
  • 2007-10:Hypertext Transfer Protocol Bis WG (httpbis) came to life.
  • 2007-06:new revision of RFC2616bis issued.[HTML version]
  • 2006-10: An effort to revise RFC2616 started, see the Issue list, latest draft [HTML version] and the editors' copy [HTML version].
  • 1999-07:W3C Supports HTTP/1.1 Reaching IETF Draft Standard - (testimonials)
  • 1999-06:NEW HTTP IETF RFCs:
    • RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1 (Postscript), (PDF) (compressed text)
    • Errata for RFC 2616 and RFC 2617
  • 1999-06: HTTP Extension Framework pending IESG review.
    • Stable ID is draft-frystyk-http-extensions-03.txt
  • 1999-05:W3C Note:Editing the Web: Detecting the Lost Update Problem Using Unreserved Checkout
  • 1999-03-31:Jigsaw 2.0.2 Implements HTTP Extension Framework

Nearby you can find

  • The HTTP Performance Overview for the speed you're longing for.
  • The HTTP/1.1 Implementor's Forum for discussions of HTTP/1.1 implementation tricks as well as interoperability work
  • The HTTP Extension Framework Internet Draft and discussions
  • WebMux - a simple multiplexing protocol
  • W3C HTTP-NG activity and HTTP-NG Overview

News,Updates, and Events

  • Dec 16, 1998: Jose Kahan announces client-side Digest Authentication implementation in libwww - try it out!

Its always sunny in philadelphia list of episodes. See also the HTTP timeline for older events

Specifications, Drafts, Papers andReports

HTTP Working Group

  • List of all HTTP RFCs
  • Previous HTTP specifications and drafts. If you are looking for previous drafts then have a look at the HTTP draft specification change history
  • The IETF HTTP working group list of Internet drafts and RFCs
  • The Distributed Authoring and Versioning working group maintains a list of their drafts
  • David M. Kristol maintains a page on HTTP State Management - a.k.a. cookies
  • Koen Holtman maintains a page on transparent HTTP content negotiation

Related Protocols

HTTP Extension Framework
An extension mechanism for HTTP designed to address the tension between private agreement and public specification and to accommodate extension of HTTP clients and servers by software components
Multiplexing Protocol (MUX)
A draft proposal for introducing asynchronous messaging support at a layer below HTTP
Handling of fragment identifiers in redirected URLs
An Internet Draft with a proposal for an issue that HTTP leaves unspecified.
HTTP-NG - Hypertext Transfer Protocol - Next Generation
a former W3C Activity on reengineering the basic protocol architecture by using modularity, simplicity and layering.

Background

  • Overview of Time - What is the state of time on the Internet?
  • Interesting Papers and MUST reads! A collection of papers from work shops, conferences etc.
  • Compression and HTTP - also check out the comprehensive compression overview
  • Classic HTTP Documents - read how it all started

HTTP Sample Software

W3C offers the Jigsaw server written in Java andthe libwww client API - both released with a fullset of HTTP/1.1 functionality including caching and persistent connections.Please see the W3C open source contributions formore details.

Talks and Presentations

Preliminary HTTP/1.1 Performance Evaluation by Jim Gettys
The HTTP/1.1 performance paper explains the experiments in detail, and was recently submitted for publication. This work shows how you can gain as much as a factor of 10 in number of packets and 2 in times of speed by using HTTP/1.1 pipelining. Earliest results were presented at the IETF meeting in San Jose, December 1996, and more complete results at the W3C Advisory Committee Meeting in England in January.
Overview of new HTTP/1.1 functionality and changes from HTTP/1.0 by Jim Gettys
This presentation gives a good overview of new features. It will be updated occasionally as it is presented. The presentation is also available for Microsoft PowerPoint
PEP - An Extension Mechanism for HTTP by Henrik Frystyk Nielsen and Rohit Khare
This presentation was given at the IETF meeting in Montreal, June 1996.

HTTP Mailing lists

There are several mailing lists that you are welcome to use. As several ofthem are very high volume then please check out the archives first to see ifthe topic that you want to bring up in fact already has been discussed. As wetry to make as much progress on HTTP as possible it is very important that wecan stay focused - even on open mailing lists!

ietf-http-wg@w3.org (Archived at W3C (see also the 1994 to 2002 archives).
The official mailing list of the IETF HTTP working group.
w3c-http@w3.org (Archive)
This is a W3C mailing list dedicated to promote HTTP/1.1 implementation, to gain sufficient experience among W3C Members to support the specification, and ease
development of HTTP/1.1 software and applications. The list is only accessible to W3C members.
www-talk@w3.org (Archive)
This is the primary public mailing list for technical discussion among those developing World Wide Web software. It is explicitly intended for the collaborative design of new systems, software, protocols, and documentation which may be useful to the WWW developer community. General questions from non-developers should go one of the many newsgroups.
www-speed@tipper.oit.unc.edu (Information)
This list is no longer maintained and is not active anymore. Do not post any mails to this address!

See also the information on HTTP-NG Plugin for hikvision camera.

IETF Related Information

The Internet Engineering Task Force(IETF) is the protocol engineering and development arm of the Internet. TheIETF is a large open international community of network designers, operators,vendors, and researchers concerned with the evolution of the Internetarchitecture and the smooth operation of the Internet. It is open to anyinterested individual.

  • Current Internet Drafts (IDs)
  • Request for Comments (RFCs) and another very nice interface to RFCs
  • Information on Internet Official Protocol Standards and
  • Internet Standards Process about the IETF standards process.

Working Groups Related to HTTP

These are the IETF working groupsworking on HTTP directly related issues:

  • Content Negotiation (conneg) IETF Working Group with mailing list and archives
  • HTTP wg (http) with mailing list and archives
  • WWW Distributed Authoring and Versioning (webdav) with mailing list and archives
  • Web Transaction Security wg (wts)

Paul Hoffman at the Internet MailConsortium maintains an excellent list of IETF working groups directly relatedto Internet Mail. The following list are working groups of more distantnature relative to HTTP.

  • Application Configuration Access Protocol wg (acap)
  • Internet Printing Protocol (ipp)
  • Multiparty Multimedia Session Control (mmusic)
  • TCP Implementation (tcpimpl)

You can also check the full list of IETF workinggroups.

IETF Meetings

Also check out the IETF meeting page forthe latest information. We keep a small list of notes from previous HTTP wgmeetings at various IETF meetings:

Los Angeles, CA, USA, March-April1998
Where, how-to, agenda etc.
Washington, DC, USA, December 1997
HTTP-WG notes from the meeting and the complete on-line Procedings
Munich, Germany, 11-15 August 1997
HTTP-WG notes from the meeting and the complete on-line Proceedings
Memphis, TN, 7-11 April 1997
HTTP-WG notes from the meeting and the complete on-line Proceedings
San Jose, CA, 9-13 December 1996
HTTP-WG notes from the meeting and the complete on-line proceedings.
Montreal, Quebec CANADA, 24-28 June 1996
HTTP-WG notes from the meeting

Other Organizations Related to IETF

An unordered list of organizations related to IETF:

  • The Internet Engineering Steering Group (IESG) which consists of the IETF Area directors together with the Chair of the IETF.
  • The Internet Research Task Force (IRTF) is a composed of a number of focused, long-term, small Research Groups. These groups work on topics related to Internet protocols, applications, architecture and technology.
  • The Internet Architecture Board (IAB) is a body of the Internet Society responsible for overall architectural considerations in the Internet.
  • The Internet Society (ISOC) is a non-governmental International organization for global cooperation and coordination for the Internet and its internetworking technologies and applications.
  • The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols

Other Areas and Protocols

  • The HTTP-NG activity has information about  the former W3C HTTP-NG Activity
  • The Propagation, Caching and Replication area has a lot of information about caching schemes and scalability
  • Internet Message Access Protocol (IMAP) is a method of accessing electronic mail or bulletin board messages that are kept on a (possibly shared) mail server
  • Next Generation Internet (NGI) Initiative. On October 10, 1996, President Clinton and Vice President Gore announced their commitment to the Next Generation Internet (NGI) Initiative, based upon strong research and development programs across Federal agencies.
  • The Web Robots Pages - information about Web robots and how to manage them
  • What's the Internet weather like? A really useful service from UCLA
  • A few other Internet protocols relevant to HTTP
Yves Lafon
, @(#) $Id: Overview.html,v 1.244 2014-06-11 14:21:46 ylafon Exp $

Copyright © 1996-2003W3C® (MIT, ERCIM,Keio), All Rights Reserved. W3C liability, trademark, document useand softwarelicensing rules apply. Your interactions with this site are in accordancewith our public andMember privacystatements.

How to View SSL Certificate Details in Each Browser and What You Can Learn

It seems more and more of the general population is starting to take notice of SSL. They expect websites to use it (and are quick to point out when they're not). I'm excited that people are recognizing when a site uses SSL and I'm eager to take that knowledge even further. Beyond just triggering the padlock and HTTPS in browsers, there's quite a bit more going on within the details of an SSL Certificate.

There's a lot of information in a certificate, including basic things like:

  • Validity Period.
  • Issuing Certificate Authority (CA).
  • Subject (the domain it was issued to and depending on the type of certificate, identifying information about the company operating the site).

Certificate contents also cover technical aspects, such as:

  • Key Usage.
  • CRL Information.
  • Signing and Hashing Algorithms Underlying the Encryption.

This information can be found from right within your browser! Clearly, the importance of these things is going to vary person to person and I don't expect everyone to start diving into the certificate of every site they visit, but I do want to raise awareness that this type of information exists and how to find it. So let's get to it.

Since browsers are updated fairly regularly and SSL presentation in particular is currently undergoing quite a lot of change, I will be updating the sections below as new versions are released. I've noted the versions I used for testing, but for the most part, the same steps should apply for older versions as well.

Quick links:

Chrome - Desktop (v.63)

I'm very excited that Chrome has brought back the ability to access certificate details right from the main browser interface. This functionality disappeared for a little while (~v55 - v60) and you had to go through a few mouse clicks to find this info, but now it's very easy. Hooray!

1. Click the padlock in the URL bar. This will trigger a dropdown; click the 'Valid' link in the Certificate section.

EV Certificate in Chrome 68

Watermark p. 2. This will bring up the Certificate window where you can click through to your heart's content. Certificate contents (e.g. subject, validity period, algorithms) are on the 'Details' tab.

Certificate details in Chrome

Chrome - Mobile

Android (v.67)

Similar to the desktop version, the Android Chrome app makes it pretty easy to dive into certificate details.

1. Click the padlock icon next to the URL. Then click the 'Details' link.

SSL Certificate in Android Chrome App v.67

2. From here you can see some more information about the certificate and encrypted connection, including the issuing CA and some of the cipher, protocol, and algorithm information. To view details more details about the certificate itself, including the validity period and subject details, click 'Certificate Information'.

SSL Connection Details in Android Chrome App v.67

3. You can view details for the other certificates in the path by clicking on the dropdown menu highlighted below.

How to see html code

Full Certificate Details in Android Chrome App v.67

iOS (v.68)

Unfortunately, as of this writing at least, it doesn't look like you are able to view much of anything about certificates in the iOS version of Chrome. If you click the padlock icon, you can see the name of the CA that issued the certificate, but that's it. We hope this functionality is added to future versions of the app.

SSL Certificate in iOS Chrome App v.68

Firefox (v.61)

The latest version of Firefox provides a little more information about the certificate directly in the main browser interface, with the ability to dive into further details with just a few clicks.

1. Clicking the padlock in the address bar brings up a preliminary dropdown that indicates a secure connection when properly configured SSL is in place. Click the arrow to the right of the dropdown to view more information about the certificate.

EV Certificate in Firefox 61

2. In the case of Extended Validation (EV) Certificates, you can see some identifying information about the organization operating the site. For non-EV Certificates (Domain Validated and Organization Validated), you will only see which Certificate Authority (CA) issued the certificate - the 'Verified by:' section at the bottom of the pop-up. Click the 'More Information' link to view more details.

EV Certificate in Firefox

Non-EV (OV) Certificate in Firefox

Click Here To View Html Version Pdf

3. This brings you to the security details of the page, where you'll find more information about the website identity (for EV Certificates, the company name will be listed as the owner) and the protocols, ciphers and keys underlying the encryption.

Page info of a site using EV in Firefox

4. Linux 3d printing software. If you want even more details about the certificate (and who doesn't?), just click 'View Certificate.' On the 'Details' tab, you'll find the certificate hierarchy and can dig through the certificate fields. Have fun!

Certificate details in Firefox

Internet Explorer (v.11)

Like Firefox, IE provides some certificate information from the main interface.

1. Clicking the padlock brings up the issuing CA ('GlobalSign has identified this site as:') and a note that the connection to the server is encrypted. There is also some identifying information but again this varies between EV vs. non-EV (DV or OV) Certificates. EV Certificates contain the company name and location, while DV and OV only show the domain.

EV Certificate in IE 11

Non-EV (OV) Certificate in IE 11

2. Clicking the 'View Certificates' link at the bottom of the pop up takes you right to the certificate details window. Similar to Chrome, certificate contents (e.g. subject, validity period, algorithms) are on the 'Details' tab.

Certificate details window in IE

Edge (v.16)

Bad news for Edge users - there is currently no way to view certificate details using the browser. While some information from the certificate is displayed if you click the padlock, including the Root CA the certificate chains up to and some of the subject information, there is unfortunately no way to view the full certificate path or other details such as validity period, signing algorithms, and Subject Alternative Names (SANs). We hope Microsoft adds this functionality into future versions, but until then, here's how to view the information they do include.

1. Click the padlock to view some information from the certificate.

EV Certificate in Edge

DV Certificate in Edge

As you can see in the screenshots above, the type and amount of subject info shown depends on the type of certificate the site is using - EV and OV Certificates display the verified company information included in the certificate's subject fields, but since DV Certificates only vouch for domain ownership, only the domain name is displayed.

Safari (v.11) - MacOSX

Note: As of this writing, there is no way to view certificate details in mobile (iOS) Safari.

Click Here To View Html Version Pdf

1. Click on the padlock (you must click the padlock icon specifically; clicking elsewhere will just make the URL appear) to view more details about your connection to the website. If the site is using an EV Certificate, the name of the issuing CA, the company's name, and the company's address will also be shown. Click the 'Show Certificate' button to view more information.

EV Certificate in Safari

Non-EV (OV) Certificate in Safari

2. You can now see the certificate path, expiration date, and validity. To view additional details, including subject, signing algorithms, and other certificate goodies, click 'Details'.

Call of duty logo font. Certificate Details in Safari

So there you have it; now you can dive into certificates no matter what browser you're using. Happy inspecting and safe and secure browsing!

p.s. As I said above, I will try and keep this post updated with the latest browser versions, but if you see I've fallen behind, please feel free to give me a friendly nudge in the comments.





broken image