Mediocre Engineer’s guide to HTTPS
Devon Peroutky
https://devonperoutky.super.site/blog-posts/mediocre-...
27/05/2024, 1:34 p.m.

As a mediocre engineer, I took Internet and HTTPS communication for granted and never dove any deeper. Today we’re improving as engineers and learning a rough overview of how internet communication works, specifically focusing on HTTP and TLS.

The Internet is “just” a network of interconnected computer networks. The term "Internet" literally means "between networks." It operates as a packet-switched mesh network with best-effort delivery, meaning there are no guarantees on whether a packet will be delivered or how long it will take.

The reason why the internet appears to operate so smoothly (at least from a technical perspective) is the layers of abstraction that handle retries, ordering, deduplication, security and so many other things behind the scenes, letting us developers just focus on the application layer (aka writing HTTP requests from San Francisco for $300K/year).

Each layer provides certain functionalities, which can be fulfilled by different protocols. Such modularization makes it possible to replace the protocol on one layer without affecting the protocols on the other layers. Here’s a simple table of the layers.
| Name | Description | Unit of Communication |
| --- | --- | --- |
| Application layer | Manages application-specific logic | Messages |
| Security layer | Provides encryption and authentication | Records |
| Transport layer | Ensures reliable data transfer | Segments (TCP) / Datagrams (UDP) |
| Network layer | Routes packets across the Internet | Packets |
| Link layer | Manages the physical medium | Frames |
| Physical layer | Transmits raw bit streams over physical medium | Bits |

We’ll go over these layers in more depth later, but first, let’s see this in action.

Lifecycle of an HTTP request

Here is the path of an HTTP request through these layers (skipping the physical layer for brevity).

1. Sender Makes a Request

The process begins at the Application layer, where the client (usually a web browser) constructs an HTTP request. HTTP is a text-based protocol, meaning that all this data is sent as plain text over the wire. The first line typically includes:

• HTTP method (GET, POST, etc.)
• Requested resource (example: /index.html)
• Protocol version

The remainder of the HTTP message contains headers in a key: value format and an optional message body.

Example: HTTP Request

    GET /index.html HTTP/1.1
    Host: www.example.com
    Accept: text/html
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36

2. DNS Lookup:

The Domain Name System (DNS) translates the human-readable domain name (www.example.com) into an IP address (e.g., 93.184.216.34). The client queries DNS servers to resolve the domain name to its corresponding IP address. This process may involve multiple DNS servers, including recursive resolvers and authoritative DNS servers.

3. TCP Handshake:

Once the IP address is obtained, the client initiates a TCP connection with the server on port 80 (the standard port for HTTP). This involves a three-way handshake:

• SYN: The client sends a SYN (synchronize) packet to the server to request a connection.
• SYN-ACK: The server responds with a SYN-ACK (synchronize-acknowledge) packet to acknowledge the request.
• ACK: The client sends an ACK (acknowledge) packet back to the server, establishing a reliable connection.

The TCP communication is usually referred to as the Transport layer from our table earlier.

4. Transmit HTTP Request
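The steps so far (build the request, resolve the address, complete the TCP handshake, transmit) run against a loopback listener, as an added example that is not part of the original post: the listener records the raw bytes it receives, which shows that the request crosses the connection as the same readable text the client wrote. The function names, the stand-in server, the literal 127.0.0.1 address and port 0 (instead of port 80) are assumptions made so the example runs offline.

```python
import socket
import threading

# Constructed sample: the post's request (User-Agent omitted), CRLF line endings.
REQUEST = (b"GET /index.html HTTP/1.1\r\n"
           b"Host: www.example.com\r\n"
           b"Accept: text/html\r\n"
           b"\r\n")

def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request head into (method, target, version, headers)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("ascii")
    request_line, *header_lines = head.split("\r\n")
    method, target, version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, version, headers

def _serve_once(listener, seen):
    """Hypothetical stand-in server: record the raw bytes, send a fixed reply."""
    conn, _ = listener.accept()         # returns after the three-way handshake
    with conn:
        data = b""
        while b"\r\n\r\n" not in data:  # blank line marks the end of the headers
            chunk = conn.recv(4096)
            if not chunk:               # peer closed before finishing the headers
                break
            data += chunk
        seen.append(data)
        conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok")

def send_over_loopback(request: bytes = REQUEST):
    """Connect, send the request, return (bytes the server saw, raw response)."""
    listener = socket.create_server(("127.0.0.1", 0))  # port 0: any free port, not 80
    listener.settimeout(5)
    seen = []
    worker = threading.Thread(target=_serve_once, args=(listener, seen))
    worker.start()
    # A literal address keeps this offline; a browser would resolve the Host name here.
    addr = socket.getaddrinfo(*listener.getsockname(), socket.AF_INET)[0][4]
    with socket.create_connection(addr, timeout=5) as client:  # SYN, SYN-ACK, ACK
        client.sendall(request)         # the text above, byte for byte, unencrypted
        response = b""
        while chunk := client.recv(4096):
            response += chunk
    worker.join()
    listener.close()
    return seen[0], response
```

Calling `parse_request` on the first value returned by `send_over_loopback()` recovers the method, path and headers from the captured bytes without any key or decoding step beyond ASCII.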