S-HTTP (Secure HTTP)Secure HTTP (S-HTTP) is a security-enhanced version of HTTP developed by the Internet Engineering Task Force (IETF) in early 1994. It includes built-in encryption to provide more secure communications on the Web.
With the growing commercial use of the Internet, concern for transaction security has increased . For financial transactions, both customer and bank need the ability to verify each other's identity and to produce auditable records of transactions.
S-HTTP supports secure transactions by incorporating cryptographic enhancements into messages. It assures transaction confidentiality, authentication, and message integrity.
S-HTTP incorporates public key cryptography from RSA Data Security in addition to supporting traditional shared-secret (password) and Kerberos-based security systems. It has been implemented commercially by Terisa Systems, which produces a security toolkit software product that allows software developers to integrate S-HTTP into their World Wide Web clients and servers.