#miniblog #draft #basicish #concepts #staycurious #writingimperfect #ssl #tls #https

PART 1: OVERVIEW!

Okay so today I'm going over HTTPS and trying to re-re-remember things I've forgotten and stuff. I thought it might be fun to try to explain it at a higher-level-ish

What's HTTPS?

HTTPS is simply "HTTP over TLS", i.e. "HTTP/TLS". It's the same ol' HTTP underneath, it's just wrapped in TLS which is like a protective layer on top that enables encrypted communication.

Why HTTPS?

The main advantages are:

What's the difference between HTTP and HTTPS?

Uh, okay. Well, let's look at HTTP communication. We'll pretend we're a sentient computer in someone's home network (an IoT door lock perhaps) and we're watching the foolish mortals browse the web. Someone goes on kitten.bianc.at using Chrome:

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/6dfa619d-bc02-4333-8d2b-e2b1b6b85939/Screen_Shot_2017-09-07_at_12.40.34_PM.png

This is plain HTTP. Here, the communication between the browser and the server is as follows:

  1. Browser initiates connection with server (TCP)
  2. Browser sends HTTP request saying "please, GET kitten.bianc.at/ for me"