Why was port 80 chosen as the default HTTP port and 443 as the default HTTPS port?

Why was port 80 chosen as the default HTTP port and 443 as the default HTTPS port?

Is there a reason or was it is just defined that way?


The Internet Assigned Numbers Authority (IANA) is a department of ICANN, a nonprofit private American corporation that oversees global IP address allocation, Domain Name System (DNS), well-known ports and other Internet Protocol-related symbols and numbers.

On March 1990 they published the document RFC1060 where they listed the well-known ports at that time. In that list there wasn't a protocol assigned to port 80. It went from 79 to 81:

79       FINGER     Finger                                
81       HOSTS2-NS  HOSTS2 Name Server                     

So, at that time port 80 was officially free.

In 1991 Tim Berners-Lee issued the first version of HTTP in a document about HTTP 0.9 where he stated:

If the port number is not specified, 80 is always assumed for HTTP.

Then in July 1992 was published RFC 1340 that obsoletes RFC 1060 where appears:

   finger           79/tcp    Finger                            
   finger           79/udp    Finger                            
   www              80/tcp    World Wide Web HTTP               
   www              80/udp    World Wide Web HTTP               

That document makes official the port 80 as www or http. However there is nothing about 443 on that document.

On October 1994 appears RFC 1700 where for the first time appears this:

https           443/tcp    https  MCom
https           443/udp    https  MCom
#                          Kipp E.B. Hickman <[email protected]>

It seems was solicited by Kipp E.B. Hickman who at the time worked at Mosaic, the first GUI browser company that later becomes Netscape.

It's not clear why 443 was chosen, however the previous RFC had a gap from 374 to 512 and in this RFC the space from 375 to 451 was filled. It's very likely that the numbers were simply given in order of request.


The answer by jcbermu mentions that RFC 1340 (assigned numbers) had a run of unused ports from 374 to 512, and 443 is right in the middle.

assert https_port == (374 + 512) / 2 == 443