Lets say we have the following URL request in the address bar of the Browser: https://www.mydomain.com/herecomessomepathorauniqueidlike?=45345678654
My question is: Which part of this URL is protected by SSL, what part can be read by a man in the middle like an administrator in a company?
Thanks in advance.
The administrator can likely tell the hostname of the site you're visiting but not the path. The hostname is transmitted in the initial ClientHello handshake if you're using TLS SNI, which approximately translates to "not on Windows XP or an OS of that vintage." Even without that, though, your administrator can
Everything else, including the path, is transmitted in the HTTP request once the encrypted link is established. In theory, there's no way for this to be man-in-the-middled; in practice, entities as diverse as SSL-stripping hackers and the NSA have demonstrated occasional capability to perform these attacks, but the likelihood of one happening inside a company network is relatively rare.