S-HTTP

Secure Hypertext Transfer Protocol (S-HTTP) is an obsolete alternative to the HTTPS protocol for encrypting web communications carried over . It was developed by Eric Rescorla and Allan M. Schiffman, and published in 1999 as RFC 2660.

Web browsers typically use HTTP to communicate with web servers, sending and receiving information without encrypting it. For sensitive transactions, such as Internet e-commerce or online access to financial accounts, the browser and server must encrypt this information. HTTPS and S-HTTP were both defined in the mid-1990s to address this need. S-HTTP was used by Spyglass's web server, while Netscape and Microsoft supported HTTPS rather than S-HTTP, leading to HTTPS becoming the de facto standard mechanism for securing web communications.

S-HTTP encrypts only the served page data and submitted data like POST fields, leaving the initiation of the protocol unchanged. Because of this, S-HTTP could be used concurrently with HTTP (unsecured) on the same port, as the unencrypted header would determine whether the rest of the transmission is encrypted.

In contrast, HTTP over TLS wraps the entire communication within Transport Layer Security (TLS; formerly SSL), so the encryption starts before any protocol data is sent. This creates a name-based virtual hosting "chicken and egg" issue with determining which DNS name was intended for the request.

This means that HTTPS implementations without Server Name Indication (SNI) support require a separate IP per DNS name, and all HTTPS implementations require a separate port (usually 443 vs. HTTP's standard 80) for unambiguous use of encryption (treated in most browsers as a separate URI scheme, https://).

...
Wikipedia