[MUSIC PLAYING] DAVID MALAN: So it's after warriors of the net we have to go back in and clean it up the explanation of how the internet works. But we actually talk in CS50 more about HTTP as a representative protocol than about TCP/IP. Even though with the whole set up is about home networking and how the internet works. HTTP is really where we bring the conversation back to application layer programming. DOUG LLOYD: Right. DAVID MALAN: For the web, in this case and indeed with HTTP. We have an opportunity to talk about what a protocol is. The example I always give, if you'll humor me. Is, hello, nice to meet you. DOUG LLOYD: Nice to meet you as well. DAVID MALAN: And you acknowledge that initiative of a protocol that I just commenced in. And silly little human tradition, but it's an example of a protocol. I extend my hand. You extend yours. We shake. Transaction complete. So not unlike the TCP, pun intended, three way handshake. But with HTTP/2, we have some opportunities to discuss what it really is. And even though it is a protocol, which is fancy sounding. We try to help students realize that it's just textual messages inside of a virtual envelope, if you will. And one of the demonstrations we'll often do is take out an envelope and some sheets of paper. Write the messages on them. Put them inside. And if you really want to go down that road. You can start talking about how the HTTP packet is inside of the TCP packet, is inside of the IP packet, and so forth. All the way down to that. DOUG LLOYD: You can actually take a picture and cut it up into different pieces. [INTERPOSING VOICES] DOUG LLOYD: TCP reassemble it later on. DAVID MALAN: Indeed. DOUG LLOYD: Is there a reason that you wanted to focus on the Hypertext Transfer Protocol as opposed to SMTP, so email? I guess HTTP is familiar to students. DAVID MALAN: I'm just more familiar, indeed. Most people assume or equate the web with the internet. Even though there are certainly any number of other services. Like SMTP and email more generally. So HTTP is also the domain in which we're going to be playing with web programming. And so it just seems to make sense there. And students have seen it in various contexts. Sometimes you see cryptic looking things in the URL. Sometimes you don't. Sometimes the browser warns you that you're about to resubmit a form. So there's a lot of ways now to tie together things they've seen in the real world. And actually explain what's going on technologically. DOUG LLOYD: That's fair. You don't get those sort of error messages or visual cues from SMTP or something. DAVID MALAN: [INAUDIBLE] And this is nice too. Even though we throw away some of the more distracting HTTP headers. You can start to wrap your mind around these kinds of messages. And understand what it is that's going on. DOUG LLOYD: And it's not all that arcane to get. That's pretty intuitive what it's going to do. Yeah. DAVID MALAN: Indeed. And what's nice too is because once we start to reveal a few more headers. Like the set cookie or the cookie headers, can we discuss how you can build on top of an otherwise stateless protocol state. And then we can also talk about security, session hijacking, or theft of cookies. And why encryption in HTTPS is a good thing. Which brings us back then to week 2 and our discussion early on of cryptography, albeit with a more sophisticated cipher at this point. So there's a lot of nice intersections with topics past that this allows us to revisit and then go beyond. DOUG LLOYD: And one other great thing about the fact that we do take a look at HTTP headers. Is it gives us a chance to take a look in Chrome, the Chrome console of the Inspector. Which students will then later use in particular with JavaScript. So it gives them a sense of that tool that's been baked into their browser. That they might not have had a chance to use before. DAVID MALAN: Indeed.