Loading
The encryption layer that makes HTTPS work — scrambling data between your browser and the server so no one in between can read it.
TLS handshake: client hello (supported ciphers) → server hello + certificate → key exchange → encrypted session. Certificate issued by a Certificate Authority (CA) proves the server owns the domain. Let's Encrypt provides free certs.
TLS 1.3 reduces handshake to 1 round-trip (0-RTT for resumption). HSTS header tells browsers to always use HTTPS. Certificate Transparency logs all issued certs — public record for detecting misissuance.