Start reading here. If there is only one thing that you take away from this comic, let it be this one.
To understand how HTTPS works, you have to know how symmetric and asymmetric key encryption works. It sounds like big words, but really it's not.
When you browse to a HTTP secure site, your browser and the server where it connects to have a secret handshake. We break this down and bring it into the real world so you can greet your friends with the secret handshake.
It's easy to confuse HTTPS, SSL, and TLS. We often use these terms interchangeably. Let's talk about each of them with a bit of hiss-tory.
What do they do? Why do we need them? How do they validate certificates? So many questions to answer in this last chapter of the comic!