I found the layout confusing but stuff like this is desperately needed. Encryption is a difficult subject but so important to how the Internet functions; the better people understand the concepts the better decisions they will make.
I tried to explain how the web browser retrieves a web page (including HTTPS) in simple terms once; the resulting text quickly got away from me[0] so I respect the creators of this for trying.
I may very well be an old curmudgeon but am I the only one who doesn't like all this comic-y cutesy content? They seem to be a rebranded version of the old `Idiot's guide to X` which were ubiquitous in the '90s. Yes, I'm also talking about stuff like `Clojure for the brave and true` or `Learn you a X for the greater good`. Does anyone actually benefit from this content? I look at it and it seems to be targeted to 10 year olds. Are we as an industry getting dumber?
For this specific subject, instead of reading about the `adventures of Certificat, Browserbird, and Compugter` can we just read something like https://hpbn.co/transport-layer-security-tls/ ?
> I may very well be an old curmudgeon but am I the only one who doesn't like all this comic-y cutesy content? They seem to be a rebranded version of the old `Idiot's guide to X` which were ubiquitous in the '90s.
The For Dummies series - corny jokes, mediocre cartoons, and all - are what taught me computing as a kid growing up in the '90s. So I support content like this because, empirically, it works.
Yep, we have that option and lots of explanations like that already exist.
This is a different approach to explaining the subject. I don't see how that's a problem. Personally I think they just went overboard with it (to the point of being distracting), but I get what they're trying to do and appreciate the effort - even if it's not for me. Kudos I say. Others might find it useful. Plus it could inspire someone else to explore another approach.
You are definitely an old curmudgeon, and I assume you are proud of that. Ironic thing about your link is that it's using Cloudflare
...So in an up-to-date browser it comes over TLS 1.3 (Cloudflare enables this by default, technically they're talking Draft 28, but this differs from the final RFC only in that drafts deliberately switch off TLS 1.3 downgrade protection since otherwise each draft would be mutually incompatible with every other system)
...So the description of how this works ends up being wrong for the site it's describing because it assumes TLS 1.{0,1,2} semantics but
...Despite the micro version change, TLS 1.3 is a significantly different protocol, both in how it begins and in details like resumption (now handled with PSKs) that this post describes for older SSL/TLS. It looks enough like TLS 1.2 that dumb middleboxes let it past.
One seldom acknowledged reason to write this sort of explanation (as a cartoon, as blog post, as a slide deck, whatever) is that the process of explaining something to other people clarifies our own understanding. When you're rehearsing "And of course the hats are invisible to bears, because..." you pause for a second -- wait, why _are_ these hats invisible to bears? Now that you come to say it, that's incredible and you realise you don't know. You go away and read the source materials - aha! Now you know why the hats are invisible and so although the purported purpose was to teach others, what you've actually done is learn for yourself.
Dunno about the industry getting dumber, but they certainly are getting lazier when it comes to UX. I could barely read it for 10s before my eyes started hurting.
I share a similar sentiment. Articles with an abundance of memes/gifs -- ones trying to be funny/cute, not contributing to the subject matter -- are placed in the same category.
At best it adds clutter, but usually lends to distraction and/or frustration and moving on.
I feel the same way. Another thing I've noticed along the same lines is companies and technologies named after words in "toddler speak" by adding -y or -ly to the end of a word (e.g. dog -> doggy). I initially chalked this up to the .ly TLD but that doesn't seem to be widely used nowadays. Maybe it started out that way and took on a life of its own?
Different people learn in different ways. I usually prefer a well written, funny text to a dry one. If I am forced to use a completely dry reference to learn a new topic, I often make up humorous mnemonics and explanations as I go, to help things stick.
So, yes, I (and I assume many others) benefit from the content. Of course that is not to say it is for everyone. Personally I don’t care much for learning from videos but know many people who much prefer them to text.
I doubt there is a single, universal style of learning medium that is optimal for most (let alone all) learners.
Part of the situation might be because of outsiders who try and learn these things on their own time. You might have a molecular biologist who finds themselves needing to set up a webapp for some research and they were never formally educated as an "engineer".
Grown-ups also sometimes like to pass on what they know to children, teens and grandparents, so they might resort to cutesy stuff.
Then there are dummies like me who need lots of illustrations and everything explained from 10 different points of views before they start to understand. But, most of us hate getting in the way of the masters and experts.
We should have a "kids" version of HN and of various reddits. Everyone will be anonymous because your 50-yr-old co-worker doesn't want to be known around the office for reading comics that include cartoon superheroes showing you how to battle the evils of CSRF/SSRF.
(Thanks for linking to that page that explains TLS. That also helps.)
I think it has to do with who is reading. Some people learn better this way (myself included). I've seen many topics over the years explained in forms similar to this and it was very easy to understand opposed to just reading it out of a textbook. Although I'll admit that even this was done way too cutesy. They put far too many pictures with too small of text on each page, made it hard to follow along and keep focused. I need to be able to read fluently, small white text on a black background is hard on the eyes. You can find little snippets like this in many textbooks, but it's generally a single picture or two that are shown to better show the point made in the preceding text.
No and apparently "we as an industry" also struggle to get less condescending.
Maybe "we as an industry" don't have to learn the intricate details of such technologies in this cheerful manner. But is every potential consumer of this site really a CS-degree holding, experienced developer coming from the trenches?
You know, some 13-year old might stumble upon this and find it quite a bit more engaging than the (very good) link you have shared.
Not all content is for all people at all times. Thankfully, the internet is still free enough for all of us to close pages if they don't provide useful content.
I think your link is ideal for computer professionals, but I think `the adventures of Certificat, Browserbird, and Compugter` will probably be better for people with little to no actual technical knowledge.
I remember learning a lot from 1980s computer books with jokes and cartoons when I was older than 10, for example http://wiki.c2.com/?ThinkingForth , or the Fortran colouring book.
I'm not sure I'd've got on with ones where all the text is in cartoons, though. Too hard to scan, perhaps.
It was best when the cartoons were doing double service as diagrams showing what was going on inside the computer.
If you need more details there are certainly better sources. But imho there is usually a huge lack of trustworthy high level overviews. Newbies make mistakes and seasoned teachers may have a hidden agenda.
No man or woman on the street with a job not in the information economy would care to digest even your excellent linked doc.
TFA target audience is not even someone that understands that the Internet and the Web are different things.
It's a wonderful doc, wonderfully presented. With every mom and pop retail business needing a website these days, this is a really great explanation for them, so they can start to understand why they want https.
Geez, man. Really, "Learn You" and "Brave and True"? Those books are 95% pure instruction, and you have a problem with them because they include a small captioned cartooned image every 10 pages? The tutorial in this post is on a completely different level, but if you have a problem with those other books injecting even the slightest bit of humor into an otherwise very dry material (however interesting it may be, it is dry), then I really feel angry at whoever hurt you.
Technology isn't only for the wealthy elite who have the time to sit and read hundreds of pages of jargon anymore. The internet is for everyone, not just us nerds.
Because it barely spends any time setting that up, for one thing. It would probably be a bit more memorable if the characters actually said things like “Hi! I’m Compugter! I sit on your desk or in your lap and talk to the Internet for you!”; instead there is just a panel with a tiny label floating off to one side.
Or maybe it should be “Hi! I’m Compugter, I sit in a rack in a puppy farm somewhere, and talk to the browserbird in your hand or lap or desk”? It really doesn’t define its terms at all before launching into a description of a man-in-the-middle attack. This is just not well-written, and no amount of cute drawings will cover for that, no matter how well done they are.
I have this problem with most analogies used to explain things. Computer concepts are abstract enough without layering another abstraction on top. If you're trying to explain something complicated, you're just adding more cognitive overload. If you're trying to explain something simple, why not be direct? It's possible that I just run into nothing but bad analogies, but I don't see them as being helpful.
I had this issue even starting from the first panel after the introduction, where the dog was sending a message to the bird. I kept having to scroll to the top to double check who was who.
I skimmed over it and it seems to be a bit dated.
The handshake description is basically a static RSA key exchange. This is deprecated in TLS 1.3 and largely unused even in older TLS versions, because it's horrible. (I wrote a paper to show how horrible it is.)
Unfortunately I see this quite often that people are simply not up to date when it comes to crypto.
I'd be curious to read that paper, if you don't mind sharing a link - I recognize your name from the TLS mailing list, but I don't recall seeing that paper referenced there, and everything I google is in German...
I found this really hard to read. At first I tried to read left-to-right, top-to-bottom, but then it felt like the "panels" (or lack thereof) were not lining up. Then I thought "Oh! It must be three columns top-to-bottom" so I tried that then realized I was missing content and that I was right the first time.
I'd love to see you lay this out a bit differently. Apart from that, I love the content. Thanks.
Self signed certificates do not prove integrity. A crab in the middle can generate another self signed certificate for the same domain name and your browser will not know that it isn't the one you expected.
The only workaround is to manually add the certificate to the root store. But this depends on securely receiving the certificate - say by physically transferring it from one computer to another by USB stick.
A major problem with this is that non-expert users might interpret it to mean that the "green lock" always means everything is ok. That is dangerous advice since it's possible to publish a phishing site having proper SSL. Users need more context than what is offered here to avoid becoming victims of phishing scams.
I also found the content itself difficult to read in both layout and copy. The character names were confusing, and I don't think the three concepts of privacy, integrity, and identity were conveyed in a clear enough sense so that a non-expert could interpret how those are actually 3 different things.
I like the light-hearted direction taken to explain HTTPS, but I personally find the narrative difficult to read and follow.
It might be unfair for me to compare the two, but I do like Randall's approach to explaining Heartbleed https://xkcd.com/1354/ because it feels like it has a better flow.
I'd definitely like to see this idea get expanded upon and improved, so I can feel confident about forwarding this link to non-technical users who are interested in learning how the Internet works. I also agree with doing one of these on phishing.
[+] [-] AndrewStephens|7 years ago|reply
I tried to explain how the web browser retrieves a web page (including HTTPS) in simple terms once; the resulting text quickly got away from me[0] so I respect the creators of this for trying.
[0] https://sheep.horse/2017/10/how_you_are_reading_this_page.ht...
[+] [-] decebalus1|7 years ago|reply
For this specific subject, instead of reading about the `adventures of Certificat, Browserbird, and Compugter` can we just read something like https://hpbn.co/transport-layer-security-tls/ ?
[+] [-] geofft|7 years ago|reply
The For Dummies series - corny jokes, mediocre cartoons, and all - are what taught me computing as a kid growing up in the '90s. So I support content like this because, empirically, it works.
[+] [-] Reedx|7 years ago|reply
Yep, we have that option and lots of explanations like that already exist.
This is a different approach to explaining the subject. I don't see how that's a problem. Personally I think they just went overboard with it (to the point of being distracting), but I get what they're trying to do and appreciate the effort - even if it's not for me. Kudos I say. Others might find it useful. Plus it could inspire someone else to explore another approach.
[+] [-] tialaramex|7 years ago|reply
...So in an up-to-date browser it comes over TLS 1.3 (Cloudflare enables this by default, technically they're talking Draft 28, but this differs from the final RFC only in that drafts deliberately switch off TLS 1.3 downgrade protection since otherwise each draft would be mutually incompatible with every other system)
...So the description of how this works ends up being wrong for the site it's describing because it assumes TLS 1.{0,1,2} semantics but
...Despite the micro version change, TLS 1.3 is a significantly different protocol, both in how it begins and in details like resumption (now handled with PSKs) that this post describes for older SSL/TLS. It looks enough like TLS 1.2 that dumb middleboxes let it past.
One seldom acknowledged reason to write this sort of explanation (as a cartoon, as blog post, as a slide deck, whatever) is that the process of explaining something to other people clarifies our own understanding. When you're rehearsing "And of course the hats are invisible to bears, because..." you pause for a second -- wait, why _are_ these hats invisible to bears? Now that you come to say it, that's incredible and you realise you don't know. You go away and read the source materials - aha! Now you know why the hats are invisible and so although the purported purpose was to teach others, what you've actually done is learn for yourself.
[Edited s/hosted on/using/]
[+] [-] blowski|7 years ago|reply
[+] [-] 0x8BADF00D|7 years ago|reply
[+] [-] Nicksil|7 years ago|reply
At best it adds clutter, but usually lends to distraction and/or frustration and moving on.
[+] [-] dooglius|7 years ago|reply
[+] [-] jaredklewis|7 years ago|reply
So, yes, I (and I assume many others) benefit from the content. Of course that is not to say it is for everyone. Personally I don’t care much for learning from videos but know many people who much prefer them to text.
I doubt there is a single, universal style of learning medium that is optimal for most (let alone all) learners.
[+] [-] coin|7 years ago|reply
[+] [-] jypepin|7 years ago|reply
[+] [-] da02|7 years ago|reply
Grown-ups also sometimes like to pass on what they know to children, teens and grandparents, so they might resort to cutesy stuff.
Then there are dummies like me who need lots of illustrations and everything explained from 10 different points of views before they start to understand. But, most of us hate getting in the way of the masters and experts.
We should have a "kids" version of HN and of various reddits. Everyone will be anonymous because your 50-yr-old co-worker doesn't want to be known around the office for reading comics that include cartoon superheroes showing you how to battle the evils of CSRF/SSRF.
(Thanks for linking to that page that explains TLS. That also helps.)
Any opinion of the "Head First" books? https://ssearch.oreilly.com/?q=head+first They seem better than the 90s "...For Dummies" books.
[+] [-] Rotdhizon|7 years ago|reply
[+] [-] neuronic|7 years ago|reply
No and apparently "we as an industry" also struggle to get less condescending.
Maybe "we as an industry" don't have to learn the intricate details of such technologies in this cheerful manner. But is every potential consumer of this site really a CS-degree holding, experienced developer coming from the trenches?
You know, some 13-year old might stumble upon this and find it quite a bit more engaging than the (very good) link you have shared.
Not all content is for all people at all times. Thankfully, the internet is still free enough for all of us to close pages if they don't provide useful content.
[+] [-] Vendan|7 years ago|reply
[+] [-] mjw1007|7 years ago|reply
I remember learning a lot from 1980s computer books with jokes and cartoons when I was older than 10, for example http://wiki.c2.com/?ThinkingForth , or the Fortran colouring book.
I'm not sure I'd've got on with ones where all the text is in cartoons, though. Too hard to scan, perhaps.
It was best when the cartoons were doing double service as diagrams showing what was going on inside the computer.
[+] [-] LolNoGenerics|7 years ago|reply
[+] [-] jiveturkey|7 years ago|reply
No man or woman on the street with a job not in the information economy would care to digest even your excellent linked doc.
TFA target audience is not even someone that understands that the Internet and the Web are different things.
It's a wonderful doc, wonderfully presented. With every mom and pop retail business needing a website these days, this is a really great explanation for them, so they can start to understand why they want https.
[+] [-] nothrabannosir|7 years ago|reply
Without beej's guide to networking I wouldn’t have understood TCP.
[+] [-] nmca|7 years ago|reply
So some people do benefit from it a great deal, it seems.
[+] [-] vaer-k|7 years ago|reply
[+] [-] some_account|7 years ago|reply
[+] [-] hannasanarion|7 years ago|reply
Technology isn't only for the wealthy elite who have the time to sit and read hundreds of pages of jargon anymore. The internet is for everyone, not just us nerds.
[+] [-] comboy|7 years ago|reply
[+] [-] rockdiesel|7 years ago|reply
Content marketing and SEO purposes for the parent company, dnsimple.
[+] [-] brink|7 years ago|reply
[+] [-] egypturnash|7 years ago|reply
Or maybe it should be “Hi! I’m Compugter, I sit in a rack in a puppy farm somewhere, and talk to the browserbird in your hand or lap or desk”? It really doesn’t define its terms at all before launching into a description of a man-in-the-middle attack. This is just not well-written, and no amount of cute drawings will cover for that, no matter how well done they are.
[+] [-] caymanjim|7 years ago|reply
[+] [-] sjroot|7 years ago|reply
[+] [-] hannob|7 years ago|reply
Unfortunately I see this quite often that people are simply not up to date when it comes to crypto.
[+] [-] commandlinefan|7 years ago|reply
I'd be curious to read that paper, if you don't mind sharing a link - I recognize your name from the TLS mailing list, but I don't recall seeing that paper referenced there, and everything I google is in German...
[+] [-] ecesena|7 years ago|reply
As a technical person I don’t particularly love privacy = confidentiality, but I understand the desire to simplify.
If you’re looking for something next, I vote for phishing. We tried to make a short explanatory video, but it’s not even remotely cool as this one! https://twitter.com/_conorpp/status/1036751355346595840
[+] [-] bradenb|7 years ago|reply
I'd love to see you lay this out a bit differently. Apart from that, I love the content. Thanks.
[+] [-] lozenge|7 years ago|reply
The only workaround is to manually add the certificate to the root store. But this depends on securely receiving the certificate - say by physically transferring it from one computer to another by USB stick.
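The point of the comment above about self-signed certificates, as an added shell example that is not part of the original thread: two self-signed certificates for the same name carry an identical subject, and only a client that already holds the genuine one as a trust anchor can tell them apart. It assumes the `openssl` CLI is installed; `example.test` and the file names are constructed.

```shell
#!/bin/sh
# Added example. Assumes the openssl CLI; example.test and file names are constructed.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_cert <name>: new key pair plus a self-signed certificate for CN=example.test
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=example.test" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# What a client can read from the certificate itself
subject_of()     { openssl x509 -in "$WORK/$1.crt" -noout -subject; }
fingerprint_of() { openssl x509 -in "$WORK/$1.crt" -noout -fingerprint -sha256; }

# trusted_by <anchor> <presented>: succeeds only if the presented certificate
# verifies against a trust store that contains nothing but <anchor>
trusted_by() {
    openssl verify -CAfile "$WORK/$1.crt" "$WORK/$2.crt" >/dev/null 2>&1
}

same_subject()     { [ "$(subject_of server)" = "$(subject_of impostor)" ]; }
same_fingerprint() { [ "$(fingerprint_of server)" = "$(fingerprint_of impostor)" ]; }

make_cert server     # the certificate the site operator created
make_cert impostor   # a second certificate for the same name, different key

# The name alone does not distinguish the two certificates.
if same_subject; then
    echo "subject:     identical ($(subject_of server))"
fi

# The key material does, but only if the client knows which one to expect.
if ! same_fingerprint; then
    echo "fingerprint: different"
    echo "  server:   $(fingerprint_of server)"
    echo "  impostor: $(fingerprint_of impostor)"
fi

# With the genuine certificate installed as the only trust anchor,
# the genuine certificate verifies and the look-alike does not.
if trusted_by server server; then
    echo "anchor=server presented=server:   accepted"
fi
if ! trusted_by server impostor; then
    echo "anchor=server presented=impostor: rejected"
fi
```

The rejection in the last step only helps when `server.crt` reached the client over a channel the interceptor does not control, which is the condition the comment describes.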
[+] [-] blr246|7 years ago|reply
I also found the content itself difficult to read in both layout and copy. The character names were confusing, and I don't think the three concepts of privacy, integrity, and identity were conveyed in a clear enough sense so that a non-expert could interpret how those are actually 3 different things.
[+] [-] arayh|7 years ago|reply
It might be unfair for me to compare the two, but I do like Randall's approach to explaining Heartbleed https://xkcd.com/1354/ because it feels like it has a better flow.
I'd definitely like to see this idea get expanded upon and improved, so I can feel confident about forwarding this link to non-technical users who are interested in learning how the Internet works. I also agree with doing one of these on phishing.