Oh I see - I totally respect that. I’ve always thought people should know How Things Work as much as possible. Your car, your microwave, city sewers, cement. All fascinating stuff but there is… so much. I’ve got a ton of thoughts and no one book on the topic springs to mind.

You already know the right process - pick topics and projects that interest you and read about them as well as lurk in forums discussing them.

I’ll do some more thinking and research tomorrow and see if I come up with anything.

Late response... I couldn't find an old textbook on PC architecture that was written for a business MIS class (still relevant but not as network oriented as you're probably looking for, anyway). I also have a tab open to MIT OpenCourseware (because I'm looking to dig in deeper on discrete math) which may have some more or less practical info. How Stuff Works books seem fairly useful, FWIW. But for this specific topic, websockets and web security, here's how I, a 25 year web professional, understood it:

- Huh never heard of websockets (reminds me of winsock, that's something else)

- Oh I see it's a new protocol, either a replacement of http(s) or it runs over it?

- Seems to emphasize two-way traffic (server can push data) so maybe it's faster

- Chris said it's more secure, but my search response titles seem to lean the other way.

Underlaying those, here's the "intranet infrastructure" knowledge I bring to the game:

- Computers network communications are layered, from wire signals up to app protocols. I don't have all those memorized AT ALL, order or boundaries, but I can tell you about a handful of major protocol types users know from browsers or other clients, I have seen some in packet sniffers that give you a feel for how the data gets represented, I've configured firewalls to all traffic through which helps me understand TCP/UDP streams and initiating (client) versus receiving (server) traffic and how computers map services/communication to ports, I've configured some protocols on servers (mostly HTTP(S) such that I know how to set versions and cipher suites for encryption). I suppose I've seen physical reresentations of electric sugnals and made my own ethernet wires so principles of interference and cuz I'm old I've seen network cards that get installed to change voltage to data... and I've seen DIFFERNT network cards (e.g. token ring) and learned enough without using them to know that there are different ways to control and coordinate communications over the wires.

- I know from reading about HTTP/2, the newer version of HTTP which I had to update (via minor configuration change in a file, no big whoop) in some places that there are SMART PEOPLE(tm) continually thinking about these protocols all the time tweaking handshakes and prefetches and many other things to make them faster and more secure. I just use them, and can do so without knowing any of this, or I can look up RFCs or other details to find out more.

- TLS (Transport Layer Security) provides the S in HTTPS, and it is sort of a wrapper around the HTTP data that gets streamed. It has versions, it can get updated, it can use specific encryptions. I don't know any of those maths but I know there are eyes on these things and newer almost always better.

- Seems like the security of websockets vs https isn't a clear thing from a preliminary search, they both use TLS which seems like a tie... and if it results lean one way it isn't to the new one. This is one of those things that you have to nose around, hear some arguments, put the discussion in the context it was offered, etc.

So, if the root of your question was to sort out if a statement on that security topic was correct, I can tell you as someone who has worked in and near it all -- I would be doing similar things to verify. I might have an edge on verifying some statements but who knows. Let me know if you get any good book/site recomendations.