An Internet protocol for encryption of Hypertext Transfer Protocol (HTTP) traffic. Secure Hypertext Transfer Protocol (S-HTTP) is an application-level protocol that extends the HTTP protocol by adding encryption to Web pages. It also provides mechanisms for authentication and signatures of messages.
S-HTTP provides broad support for implementing different types of cryptographic algorithms and key management systems. Although S-HTTP systems can make use of digital certificates and public keys, messages can also be encrypted on a per-transaction basis using symmetric session keys. S-HTTP was proposed as a draft standard in 1996 and is still under development.
S-HTTP is not as widely implemented as Secure Sockets Layer (SSL), which is independent of protocol and works with HTTP, Simple Mail Transfer Protocol (SMTP), Network News Transfer Protocol (NNTP), and other Internet protocols.
S-HTTP is also the name given to World Wide Web (WWW) server software that implements the S-HTTP protocol. This software was developed by Enterprise Integrations Technologies (EIT), the National Center for Supercomputing Applications (NCSA), and RSA Security.