DNS Lookup (resolving the web address)
The first step in navigating to a web page is finding where the assets for that page are located (HTML, CSS, Javascript and other kind of files)
If we’ve never visited this site before, a Domain Name System (DNS) lookup must happen.
DNS servers are computer servers that contain a database of public IP addresses and their associated hostnames (this is commonly compared to a phonebook in that people’s names are associated to a particular phone number). In most cases these servers serve to resolve or translate those names to IP addresses as requested (right now there are over 600 different DNS root servers distributed across the world).
So when we request a DNS lookup, what we actually do is interogate one of these servers and ask to find out which IP address coresponds to the https://example.com name.
After this initial lookup, the IP address will probably be cached for a while, so next visits on the same website will happen faster since there’s no need for a DNS lookup (remember, a DNS lookup only happens the first time we visit a website).
TCP (Transmission Control Protocol) Handshake
Once the web browser knows the IP address of the website, it will try and set up a connection to the server holding the resources, via a TCP three-way handshake (also called SYN-SYN-ACK, or more accurately SYN, SYN-ACK, ACK, because there are three messages transmitted by TCP to negotiate and start a TCP session between two computers).
TCP stands for Transmission Control Protocol, a communications standard that enables application programs and computing devices to exchange messages over a network. It is designed to send packets (of data) across the Internet and ensure the successful delivery of data and messages over networks.
The TCP Handshake is a mechanism designed so that two entities (in our case the browser and the server) that want to pass information back and forth to each other can negotiate the parameters of the connection before transmitting data.
The browser sends a SYNC message to the server and asks for SYNchronization (synchronization means the connection).
The server will then reply with a SYNC-ACK message (SYNChronization and ACKnowledgement):
In the last step, the browser will reply with an ACK message.
Now that the TCP connection (a two way connection) has been established through the 3 way handshake, the TLS negotiation can begin.
TLS negotiation
For secure connections established over HTTPS, anotherhandshake is needed.
This handshake (TLS negotiation)
- determines which cipher will be used to encrypt the communication,
- verifies the server and establishes that a secure connection is in place before beginning the actual transfer of data.
Transport Layer Security (TLS), the successor of the now-deprecated Secure Sockets Layer (SSL), is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email and instant messaging but its use in securing HTTPS remains the most publicly visible. Since applications can communicate either with or without TLS (or SSL), it is necessary for the client (browser) to request that the server sets up a TLS connection.
Reference: https://dev.to/arikaturika/how-web-browsers-work-part-1-with-illustrations-1nid