At work today, I started investigating the latency differences for similar requests between HTTP and HTTPS. Historically, I was running with the assumption that higher latency on HTTPS (SSL) traffic was to be expected since SSL handshakes are more CPU intensive. I didn’t really think about the network consequences of SSL until today.

It’s all in the handshake.

TCP handshake is a 3-packet event. The client sends 2 packets, the server sends 1. Best case, you’re looking at one round-trip for establishing your connection. We can show this empirically by comparing ping and tcp connect times: