Editing
HTTPS
(section)
==Security==
{{Main|Transport Layer Security#Security}}

The security of HTTPS is that of the underlying TLS, which typically uses long-term [[Public-key cryptography|public]] and private keys to generate a short-term [[session key]], which is then used to encrypt the data flow between the client and the server. [[X.509]] certificates are used to authenticate the server (and sometimes the client as well).

As a consequence, [[certificate authority|certificate authorities]] and [[public key certificate]]s are necessary to verify the relation between the certificate and its owner, as well as to generate, sign, and administer the validity of certificates. While this can be more beneficial than verifying the identities via a [[web of trust]], the [[2013 mass surveillance disclosures]] drew attention to certificate authorities as a potential weak point allowing [[man-in-the-middle attack]]s.<ref>{{cite magazine |url=https://www.wired.com/2010/03/packet-forensics/ |title=Law Enforcement Appliance Subverts SSL |magazine=Wired |date=24 March 2010 |first=Ryan |last=Singel |access-date=20 October 2018 |archive-url=https://web.archive.org/web/20190117142906/https://www.wired.com/2010/03/packet-forensics/ |archive-date=17 January 2019 |url-status=live }}</ref><ref>{{cite web |url=https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl |title=New Research Suggests That Governments May Fake SSL Certificates |first=Seth |last=Schoen |work=EFF |date=24 March 2010 |access-date=20 October 2018 |archive-url=https://web.archive.org/web/20160104234608/https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl |archive-date=4 January 2016 |url-status=live }}</ref> An important property in this context is [[forward secrecy]], which ensures that encrypted communications recorded in the past cannot be retrieved and decrypted should long-term secret keys or passwords be compromised in the future. Not all web servers provide forward secrecy.<ref name=ecdhe>{{cite web |url=https://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html |title=SSL: Intercepted today, decrypted tomorrow |work=Netcraft |date=25 June 2013 |first=Robert |last=Duncan |access-date=20 October 2018 |archive-url=https://web.archive.org/web/20181006021916/https://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html |archive-date=6 October 2018 |url-status=live }}</ref>{{Update inline|reason=Does this still hold in 2015?|date=February 2015}}

For HTTPS to be effective, a site must be completely hosted over HTTPS. If some of the site's contents are loaded over HTTP (scripts or images, for example), or if only a certain page that contains sensitive information, such as a log-in page, is loaded over HTTPS while the rest of the site is loaded over plain HTTP, the user will be vulnerable to attacks and surveillance. Additionally, [[HTTP cookie|cookies]] on a site served through HTTPS must have the [[secure cookie|secure attribute]] enabled. On a site that has sensitive information on it, the user and the session are exposed every time that site is accessed with HTTP instead of HTTPS.<ref name=deployhttpscorrectly/>
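
The two deployment requirements in the last paragraph (no content loaded over plain HTTP, and the secure attribute on every cookie) can be checked mechanically. The following is an added example, not part of the original article; the function names, host names and sample response are constructed for illustration.

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Tag/attribute pairs through which a page loads subresources.
FETCHING_ATTRS = {("script", "src"), ("img", "src"), ("iframe", "src"),
                  ("link", "href"), ("audio", "src"), ("video", "src"),
                  ("source", "src")}

class MixedContentFinder(HTMLParser):
    """Collects subresource references that use plain http://."""
    def __init__(self):
        super().__init__()
        self.insecure = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            url = (value or "").strip()
            # URL schemes are case-insensitive, so compare in lower case.
            if (tag, name) in FETCHING_ATTRS and url.lower().startswith("http://"):
                self.insecure.append((tag, url))

def cookies_without_secure(set_cookie_headers):
    """Names of cookies whose Set-Cookie value lacks the Secure attribute."""
    names = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        names += [name for name, morsel in jar.items() if not morsel["secure"]]
    return names

def audit(html, set_cookie_headers):
    """Audit one HTTPS response: page body plus its Set-Cookie header values."""
    finder = MixedContentFinder()
    finder.feed(html)
    return {"mixed_content": finder.insecure,
            "cookies_without_secure": cookies_without_secure(set_cookie_headers)}

# Constructed sample response (hypothetical hosts under the reserved .test TLD).
SAMPLE_HTML = """<html><head>
<script src="http://static.example.test/app.js"></script>
<link rel="stylesheet" href="https://static.example.test/site.css">
</head><body>
<img src="HTTP://img.example.test/logo.png">
<a href="http://example.test/about">About</a>
</body></html>"""
SAMPLE_COOKIES = ["session=abc123; Path=/; HttpOnly", "prefs=dark; Path=/; Secure"]

if __name__ == "__main__":
    print(audit(SAMPLE_HTML, SAMPLE_COOKIES))
```

The plain-HTTP hyperlink is not reported because it is navigation rather than a subresource of the page; the session cookie is reported even though it carries HttpOnly, since only the secure attribute keeps it off unencrypted connections.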