Encrypted communication
We can never stress enough how important it is to use an encrypted channel of communication when creating web services and communicating them with an application.
Initially, it was intended as a protocol to exchange documents and information between scientific institutions, so security was not an important point at that time.
The Internet evolved pretty quickly, and the initially limited HTTPs were suddenly facing millions of users interacting between them. There are tons of resources to discuss SSL and how the encryption is performed. For the purpose of this book, we will mention that the communications under HTTPS (which stands for HTTP Secure, or HTTP over SSL) are generally protected against man-in-the-middle attacks and cannot be easily sniffed. There are still some ways an attacker can manage to break into the communication channel and steal the communication, but they require a better knowledge and access to the victim. We will, however, mention them, in case...
