Skip to Content
Navigation:

A stick figure smiling

Here's a preview from my zine, HTTP: Learn your browser's language!! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!

get the zine!
Image of a comic. To read the full HTML alt text, click "read the transcript". browse more comics! get the zine!
read the transcript!

HTTPS: HTTP + secure

Here’s what your browser does when it asks for https://examplecat.com/cat.png:

  1. Negotiate an encryption key (AES symmetric key) to use for this connection to examplecat.com. The browser and server will use the same key to encrypt/decrypt content.

Simplified version of how picking the encryption key works:

browser, represented by the Firefox logo: hey I want examplecat.com
server, represented by a box with a smiley face: here’s proof that I’m examplecat.com
browser, thinking: story checks out!
browser: key exchange
server: key exchange browser and server, thinking: we’re going to use A$29FXY2…. as the encryption key

This protocol for secure communication is called TLS (previously SSL) and you can use it on any TCP connection

  1. Write an HTTP request

    GET /cat.png HTTP/1.1
Host: examplecat.com
User-Agent: Mozilla/...

  2. Encrypt the HTTP request With AES & send if to examplecat.com

browser: $Af9bbca^~gggBF
server, thinking: ah, I see,

GET /cat.png HTTP/1.1
Host: examplecat.com
...
  1. Receive encrypted HTTP response

server: BXF^56□gxx…
browser: nice, that means

200 OK
Content-Type: image/png
...

Saturday Morning Comics!

Want another comic like this in your email every Saturday? Sign up here!

I'll send you one of my favourite comics from my archives every Saturday.
© Julia Evans 2024 | All rights reserved (see the FAQ for notes about licensing)