This article explains how HTTPS upgrades plain HTTP by adding authentication, encryption, and integrity checks, walks through its three security layers, traces the protocol’s evolution from SSL 2.0 to TLS 1.3, and discusses the practical benefits, costs, and adoption challenges of securing web traffic.
This article presents the ten most frequently asked SSL/TLS questions, covering protocol differences, handshake mechanics, certificate structure, PKI, common vulnerabilities, perfect forward secrecy, cipher suites, revocation methods, certificate pinning, and the improvements introduced in TLS 1.3, while also highlighting why mastering these concepts is essential for security professionals.
The Poizon mobile app team reduced iOS and Android CDN request latency by up to 100 ms through adding regional edge nodes, upgrading to TLS 1.3, enabling OCSP stapling, and migrating traffic to HTTP/2, demonstrating that targeted CDN and protocol tweaks can deliver double‑digit performance gains with modest effort.
By upgrading Alibaba Cloud CDN from TLS 1.2 to TLS 1.3 and adding a Qiniu fallback, the DeWu app cut image and video loading latency by roughly 10‑15% on iOS and Android, eliminating the handshake bottleneck and enhancing security and user experience.
OpenSSL 3.0 has entered its beta stage, treated as a release candidate, inviting users to build, test, and provide feedback, while introducing a new Apache 2.0 license, provider‑based architecture, FIPS‑validated provider, pluggable TLS 1.3 groups, new encoders/decoders, CMP support, and updated APIs, with ABI changes requiring recompilation.
This guide explains how to improve website security and speed by configuring Nginx for HTTPS, adopting HTTP/2, enabling TLS 1.3, using Brotli compression, and deploying ECC certificates, while also covering version requirements, compilation steps, and verification methods.
This article explains how Alibaba’s lightweight web server Tengine leverages Intel QuickAssist Technology to offload SSL operations via an async ssl_async module, detailing its architecture, integration with OpenSSL, performance gains across various cipher suites, and the resulting multi‑fold increase in HTTPS throughput.
This article explains the TLS handshake protocol in depth, covering its overall flow, the generation of security parameters, the role of asymmetric algorithms, message structures, performance considerations, and mechanisms like session caching and abbreviated handshakes to ensure secure communication.
The article examines Alibaba’s large‑scale rollout of full‑site HTTPS across its e‑commerce platforms, detailing the technical hurdles of performance, compatibility, and operational planning, and describing the architectural solutions and optimizations that enabled secure, high‑performance user experiences.
