Hypertext Transfer Protocol (HTTP) Question: Download HTTP PDF

Answer #1There are currently two methods of establishing a secure HTTP connection: the https URI scheme and the HTTP 1.1 Upgrade header, introduced by RFC 2817. Browser support for the Upgrade header is, however, nearly non-existent, so HTTPS is still the dominant method of establishing a secure HTTP connection. Secure HTTP is notated by the prefix https:// instead of http:// on web URIs.

Answer #2This is Hyper text Transfer protocol with added security layer in place in form on TLS/SSL. Servers and clients communicate with each other exactly same as HTTP but over a secure channel.
The SSL layer serves for two main purpose :
1) It is confirmed after using HTTPS that you are talking to server directly that you are thinking of.
2) It also ensures that only server reads the data you sent over network. No else can read it.
An SSL connection between client and server is establish by handshake which focuses on below things :
1) To make sure that client is talking to right server
2) Both parties have agreed on a 'cipher' which includes which encryption they will use to exchange data.
3) Both parties should agree key for this algorithm
As soon as connection is established, both parties can used agreed algorithm and keys to securly send messages to each other.