What is HTTPS?
HTTPS is HTTP messages sent over a TLS/SSL encrypted connection. Before the HTTP messages can be sent, a TLS/SSL connection must be established. This involves a handshake that includes negotiating encryption details such as ciphers and the server sending a certificate to the client. Most discussion about HTTPS decryption is centered around the TLS/SSL connection, especially the handshake.
If both the client and server agree on the encryption mechanism, and the client is assured that the server is who it says it is, then the connection is established. After that, all traffic within that connection is encrypted, often called an encrypted tunnel. If there is an eavesdropper they would be able to see the negotiation but be unable to decode the encrypted traffic.
The only way that an eavesdropper can decrypt the traffic is if they interfered with the handshake and inserted themselves into the conversation. However, there are cryptographic reasons why they cannot do this without changing the handshake in a way that the client will notice.
In a normal situation, HTTPS provides an assurance to the browser and the user that the web server they connected to is the one that they intended to and that no one is intercepting the traffic.
