Understanding the TLS Handshake: What HTTPS Secures and What It Doesn’t
Learn how the TLS handshake establishes an encrypted tunnel for HTTPS, what it protects, and the limits developers should be aware of.

When you type https:// in a browser, a series of network protocols spring into action before any page appears. First TCP establishes a reliable connection, then TLS negotiates an encrypted tunnel, and finally HTTP runs inside that tunnel. Understanding each step reveals what HTTPS truly protects and where its guarantees stop. For developers, the handshake details affect performance, security posture, and debugging strategies.
What happened
The client begins by completing TCP’s three‑way handshake, creating a bidirectional, ordered channel that carries raw bytes without encryption. Over this channel the TLS handshake starts. The client sends a ClientHello listing supported TLS versions and cipher suites along with a random nonce. The server replies with ServerHello choosing the protocol version and cipher suite, then sends its X.509 certificate containing a public key signed by a trusted CA. If the chosen suite uses an ephemeral key exchange, the server adds a ServerKeyExchange with a temporary public key signed by its private key. The client responds with ClientKeyExchange, providing its own temporary public key. Both sides compute a shared secret, send ChangeCipherSpec to switch to encrypted records, and finish with a Finished message that hashes the entire handshake.
Why it matters
The handshake guarantees confidentiality (the shared secret encrypts traffic), integrity (the Finished hash detects tampering), and authentication (the certificate proves the server’s identity). This protects against eavesdropping and man‑in‑the‑middle attacks, but only as long as the PKI remains trustworthy and the client validates the certificate chain. Developers must also consider the performance cost of extra round‑trips and cryptographic operations, especially on mobile or high‑latency networks.
- Strong encryption prevents passive network sniffing.
- Server authentication stops most man‑in‑the‑middle attacks.
- Forward‑secrecy ciphers limit damage if long‑term keys are later compromised.
- Additional round‑trips increase latency.
- Complex configuration can lead to weak cipher suites or protocol downgrades.
- HTTPS does not protect data once it reaches the server or client.
How to think about it
Treat the TLS handshake as a baseline security layer, not a silver bullet. Verify certificates against up‑to‑date trust stores, enforce TLS 1.2 or higher, and prefer cipher suites with forward secrecy. Enable HTTP Strict Transport Security (HSTS) to force browsers to use HTTPS. For highly sensitive payloads, add end‑to‑end encryption at the application level so that data remains protected even if the server is compromised.
FAQ
Does HTTPS encrypt the entire request and response?+
Which handshake message provides server authentication?+
Can a TLS handshake be downgraded or bypassed?+
- security·4 min readEU Advances 'Chat Control' Legislation, Threatening Private Communications and Digital Anonymity
The EU is pushing forward with 'Chat Control' legislation, threatening private communications and anonymous digital interactions through undemocratic processes. Developers should understand the…
- security·3 min readDanish Police Raid Privacy Activist Lars Andersen Over Surveillance Protest
Danish privacy activist Lars Andersen was raided by police after targeting pro-surveillance politicians with GPS tracking devices.
- security·3 min readxAI Grok Build CLI uploads full repo and .env secrets by default
A wire‑level analysis shows Grok Build CLI sends your entire codebase and .env files to xAI, raising privacy concerns.
The week’s highest-signal tech and AI stories, synthesized into a five-minute read. One email a week, no spam, unsubscribe anytime.