I just read an article on the subject of HTTPS, as opposed to HTTP. The article included a number of technical terms that I didn't understand and I came away a litle confused. The article seemed to say that the identity of the user is protected, and that data both to and from the target server is encrypted to insure privacy. However, it seems like there still has to be some kind of text in the clear, so that the ISP knows where to direct the traffic. For example, if I wanted to enter the address of the forums on Bleeping Computer, I might type something like:
It seems like the ISP would need at least "https://www.bleepingcomputer.com" to be unencrypted.
If this is true, then the ISP may not be able to tell exactly what on Bleeping Computer that I'm looking at, but at least they know that I am accessing the Bleeping Computer web site. Also, since the ISP knows which IP address the request came from, then they also know who I am. This seems to nullify the statement that the user's identity is protected.
Obviously, HTTPS does not provide the same anonymity and security as a VPN, but it would be helpful to know what it does provide.
Thanks in advance.