1
00:00:00,790 --> 00:00:10,540
Now, HTTPS consists of communication over HTTP within a connection encrypted by TLS, Transport Layer

2
00:00:10,540 --> 00:00:15,490
Security, or its predecessor, SSL, the Secure Sockets Layer.

3
00:00:16,590 --> 00:00:23,040
The main motivation for HTTPS is authentication of the visited website and protection of the privacy

4
00:00:23,040 --> 00:00:25,050
and integrity of the exchanged data.

5
00:00:26,070 --> 00:00:31,230
So let's see how a typical encrypted connection between the server and the client is established.

6
00:00:32,210 --> 00:00:37,550
The client sends the information that the server needs to communicate with the client using SSL.

7
00:00:38,730 --> 00:00:44,550
This information contains the client's SSL version number, cipher settings and session-specific data.

8
00:00:45,870 --> 00:00:51,000
The server then sends the information that the client needs to communicate with the server over SSL.

9
00:00:52,060 --> 00:00:54,610
The server also sends its own certificate.

10
00:00:56,020 --> 00:01:00,100
The client uses the information sent by the server to authenticate the server.

11
00:01:01,250 --> 00:01:08,660
So using all data generated in the handshake thus far, the client creates the premaster secret for the

12
00:01:08,660 --> 00:01:16,190
session, encrypts it with the server's public key and then sends the encrypted premaster secret to the

13
00:01:16,190 --> 00:01:16,580
server.

14
00:01:17,540 --> 00:01:22,370
The server uses its private key to decrypt the premaster secret.

15
00:01:23,600 --> 00:01:28,850
And both the client and the server perform a series of steps to generate the master secret.

16
00:01:30,330 --> 00:01:37,320
Then they use the master secret to generate the session keys, which are symmetric keys used to encrypt

17
00:01:37,320 --> 00:01:42,450
and decrypt information exchanged during the SSL session and to verify its integrity.

18
00:01:43,950 --> 00:01:49,170
The client sends a separate message indicating that the client portion of the handshake is finished.

19
00:01:50,160 --> 00:01:55,920
And the server sends a separate message indicating that the server portion of the handshake is finished.