
HTTPS Encryption Lifecycle - Under the Hood
One HTTPS call from TCP open through TLS handshake, session keys, AEAD records, and teardown. Where asymmetric trust ends and symmetric bulk encryption begins.

One HTTPS call from TCP open through TLS handshake, session keys, AEAD records, and teardown. Where asymmetric trust ends and symmetric bulk encryption begins.

HTTP is the application protocol for requests and responses. HTTPS is HTTP over TLS. Methods, status, headers, the TLS wrap, certificates, and which failures people mislabel as network or app.

Symmetric crypto shares one secret for speed. Asymmetric uses key pairs for trust and key exchange. Where each appears in TLS, APIs, data at rest, and which mistakes look like security.

Unicast maps one IP to one place. Anycast maps one IP to many places and lets BGP pick the path. How both work, where DNS and CDNs use them, and which failures look like app bugs.

TCP is a reliable byte stream with handshake, ACKs, and congestion control. UDP is datagrams with no delivery guarantee. Components, steps, use cases, and which failures people mislabel as app bugs.

A CDN is a cache-and-route fabric at the edge: PoPs, origin, cache keys, TTL, anycast, and the hit/miss path. Why delivery scales, and which failures people mislabel as app or network.

DNS is a globally distributed, hierarchical, eventually consistent naming database. Stub, recursive resolver, root, TLD, authoritative name server, caching, TTL, and anycast.