What is the difference between the protocol and commands used on default ports 8332 and port 8333?
From what I gather, port 8332 is the RPC port, it's "sensitive", only allowed by local host by default, and it has one username & password.
On the other hand port 8333 is some kind of P2P port that is used with Bitcoin transaction replication.
Can anyone clarify the official names, purposes, and security of each of these ports?
Which one uses JSON, and which is Binary?
The Bitcoin.org client will try to communicate to other nodes via port 8333 and those communications follow the Bitcoin protocol. If an explicit connection is given (IP address and port) the port setting can be overridden to use any port.
The bitcoin.org client can be configured to accept JSON-RPC communications, and when that is enabled will, by default, be on port 8332. Earlier versions of Bitcoin Core permitted this to be secured with SSL communications using the same port or a different port, however that capability has since been removed.