Rocky Bhatia

How Https Works ?


HTTPS, or Hypertext Transfer Protocol Secure, is the secure version of HTTP. It employs encryption protocols, such as SSL (Secure Sockets Layer) or TLS (Transport Layer Security), to ensure a secure and encrypted connection between a user's web browser and the server hosting the website.


1. Client Request: A user's web browser initiates a request to access a secure website by typing "https://" followed by the website's URL.

2. SSL/TLS Handshake: The server responds by providing its digital certificate, which includes a public key. The client (browser) then verifies the certificate's authenticity using a trusted Certificate Authority (CA).

3. Session Key Exchange: After the certificate is verified, the client generates a symmetric session key. This session key is encrypted using the server's public key and sent back to the server.

4. Server Decryption: The server, possessing the corresponding private key, decrypts the session key.

5. Secure Connection: Both the client and server now have the session key, which is used to encrypt and decrypt the data exchanged during the session. This establishes a secure, encrypted connection.

6. Data Transfer: All data exchanged between the client and server is encrypted using the session key, making it difficult for third parties to intercept and understand the information.

7. HTTPS Communication: The communication between the client and server continues over this secure, encrypted connection, providing confidentiality and integrity for the transmitted data.

In summary, HTTPS ensures secure communication between a user's browser and a web server by encrypting the data exchanged between them, making it more difficult for unauthorized parties to access or manipulate the information. The use of digital certificates and a secure key exchange process adds an extra layer of trust and authenticity to the communication.

3 months ago | [YT] | 4

Rocky Bhatia

Top 6 API Architecture Styles

APIs are the lifeblood of modern software development. Here are the top 6 API architecture styles and when to use them:

1. SOAP (Simple Object Access Protocol): Ideal for enterprise-level applications needing a strict, standardised protocol with strong typing and security features.

2. RESTful (Representational State Transfer): Best for web services prioritising simplicity and scalability, perfect for public-facing APIs with a stateless, resource-oriented design.

3. GraphQL: Suitable for flexible, client-driven APIs, allowing clients to request precisely the data they need, reducing over-fetching and under-fetching.

4. gRPC: Optimal for high-performance, efficient APIs, designed for low-latency, high-throughput communication, often used in micro services architectures.

5. WebSockets: Essential for real-time, bidirectional communication, such as chat applications and online gaming, maintaining a continuous connection for instant data updates.

6. Web hooks: Ideal for event-driven systems, enabling your application to receive notifications or trigger actions when specific events occur, like data updates or user actions.

Choose your API style wisely based on your project's specific needs. Each style has its strengths and can significantly impact your application's performance and user experience. 💡

9 months ago | [YT] | 4

Rocky Bhatia

12 must know system design components for cracking any system design

A strong grasp of System Design is essential for success in top-tier companies, regardless of your engineering background. It enhances your skill set and career prospects by enabling you to create efficient and adaptable systems.

Whether you're a software or hardware engineer, System Design principles are universally applicable. Proficiency in this field enhances problem-solving abilities, fosters collaboration with cross-functional teams, and opens doors to challenging roles and leadership positions.

12 Key System Design Components:

1. Load Balancers: Distribute traffic across servers (hardware or software) for efficient performance.

2. Caching: Store data in fast memory (e.g., RAM) for quicker access.

3. Monitoring Systems: Collect, analyse, and report performance metrics.

4. Distributed File System (DFS): Manage files across multiple servers or locations.

5. Analytics: Optimise efficiency and gain insights for informed decision-making.

6. Web Servers: Serve website content using protocols like HTTP.

7. Modern APIs: Follow standards (e.g., HTTP, REST,GraphQL) for seamless application connectivity.

8. Databases Handle structured (SQL), semi-structured (JSON, XML), and unstructured (blobs, images) data.

9. Messaging Queues: Enable asynchronous communication between nodes

10. Distributed Search: Improve search performance and scalability using multiple nodes

11. Content Delivery Networks (CDNs): Swiftly deliver online content via dispersed servers.

12. Cloud Computing Infrastructure: Knowledge of cloud computing is very much required /

In System Design, there's a wide array of additional components and considerations to keep in mind beyond the ones mentioned. These encompass aspects such as security, scalability, fault tolerance, database management, data replication, and more.

Anything crucial you think is missing?

If you're looking to dive into system design or seeking key techniques to approach system design, I highly recommend watching my newly created video "how to crack any system design" link in the comment section.

It's designed to provide valuable insights that can help you advance your skills in this area.

11 months ago | [YT] | 6