Traces why TLS added post-quantum key exchange, how ML-KEM (FIPS 203) works, how the X25519MLKEM768 hybrid construction is built, and how the 2024-2026 browser rollout grew the ClientHello past one packet.
A message-by-message walk of the RFC 8446 handshake: ClientHello, HelloRetryRequest, ServerHello, EncryptedExtensions, Certificate, and Finished, marking exactly which bytes a passive observer can read and which the key schedule has already locked away.
Traces the lineage of transport encryption from Netscape's SSL 2.0 through TLS 1.0-1.2 to RFC 8446, told through the attacks that forced each revision: BEAST, CRIME, POODLE, Heartbleed, FREAK, and Logjam.