> Do you think you could probably point me out to the correct RFC (or
whatever web standard document applies) to read more about that process?
I am not well versed on this, but AFAIK http requests are connectionless,
i.e. there's a request and a response, whereas https is connection based.
Because https communication is basically an autenticated and encrypted
session, i.e. a VPN tunnel, which requires a sustained connection. Otherwise,
each simple request such as GET should have been preceded by establishing an
SSL tunnel, and terminating the connection upon response. This is simply too
expensive to implement. So an SSL tunnel (connection) must be permanent one,
in which, requests and responses exchanged. Even if there's no exchange of
request/response pair between the client and server, the connection should
stay open once established, until either connection times out or parties
terminate the connection gracefully (by handshaking). This is as far as I
remember. I might be omitting important details.
As for a link, I don't have one readily available, but a DDG search with
combinations of "ssl" , "connection" , "https" , "tunnel" , "rfc" words
should lead you to relevant resources, I think.
