diff --git a/tex/text.tex b/tex/text.tex index 65256bd..826c5ed 100644 --- a/tex/text.tex +++ b/tex/text.tex @@ -103,9 +103,6 @@ distribution scheme}, which allows the two parties to arrive at a shared secret by exchanging information via insecure channels with the presence of an eavesdropper. -\n{3}{TLS}\label{sec:tls} - - \n{2}{Hash functions} Hash functions are cryptographic algorithms used to help with a number of 
@@ -137,6 +134,45 @@ access to a password breach that contains hashes, all it takes is to find a match within the rainbow table and reversely resolve that to the known message: the password. + +\n{3}{TLS}\label{sec:tls} + +The Transport Layer Security protocol (or TLS) serves as as an encryption and +\emph{authentication} protocol to secure internet communications. An important +part of the protocol is the \emph{handhake}, during which the two communicating +parties exchange messages that acknowledge each other's presence, verify each +other, choose what cryptographic algorithms will be used and decide session +keys. As there are multiple versions of the protocol in active duty even at the +moment, the server together with the client need to agree upon the version they +are going to use (these days it should be 1.2 or 1.3), pick cipher suites +(TLSv1.3 dramatically reduced the number of available suites), the client +verifies the server's public key (and the signature of the certificate +authority that issued it) and they both generate session keys for use after +handshake completion. + +The handshake consists of multiple stages (again, depending on the version), for +TLSv1.3 that would be: + +\begin{itemize} + \item \textbf{Client hello}: client sends a client hello message containing + the protocol version, a list of cipher suites and the client random value. + The client in this step also includes the ephemeral Diffie-Helman (EDH) + parameters, which are later used for calculating the pre-master key. + \item \textbf{Server generating a master secret}: the server has got the + cipher suites, the client's paramaters and client random and already has + the server random, which means it can create the master secret. + \item \textbf{Server hello and ``Finished''}: the server includes in the + hello its certificate, digital signature, server random, the chosen + cipher suite, and sends a ``Finished'' (meaning \emph{ready}) message. 
+ \item \textbf{Signature and certificate verification}: the client at this + step verifies server's certificate and signature, generates the master + secret and is ready (sends the ``Finished'' message). +\end{itemize} + +At the end of the process, the connection is protected by symmetric encryption +using the session key that the both parties have arrived at. + + \n{1}{Passwords}\label{sec:passwords} Passwords have been in use since the ancient times, apparently already the
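Review bot: removing the empty \n{3}{TLS}\label{sec:tls} stub from the key-distribution paragraph leaves the label sec:tls undefined unless the second hunk is applied with it, so any existing \ref{sec:tls} in the document should be re-checked after this change; also worth noting that the stub sat next to the key-exchange discussion, where a TLS section arguably fits better than under hash functions, so if the relocation is intentional the commit message should say why.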
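Review bot: the TLSv1.3 handshake description in the new \n{3}{TLS} block mixes in TLS 1.2 terminology and ordering that does not match 1.3 (the bullets "Server generating a master secret" and "Server hello and ``Finished''"): in TLS 1.3 there is no pre-master key, the (EC)DHE shared secret feeds an HKDF key schedule that yields the handshake secret and then the master secret, the server's certificate and signature (CertificateVerify) are sent as separate encrypted messages after ServerHello rather than "in the hello", and ServerHello carries the server's own key share, which the list omits; suggest reworking those two bullets accordingly and naming the mechanism (EC)DHE / key_share rather than "ephemeral Diffie-Helman (EDH)". Separately, the heading level makes TLS a sub-subsection of \n{2}{Hash functions} although the content is about key exchange and authentication, so \n{2} would be the more consistent level. Typos to fix in the same hunk: "serves as as an", "handhake", "Diffie-Helman", "paramaters", and "that the both parties have arrived at" (drop "the").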