https is a protocol identical to normal http:// which uses a different port (443, not http's port 80) and an additional encryption/authentication layer between HTTP and TCP.
https provides an additional encryption layer between HTTP and TCP, and that's it.
- http will fetch many resources pr. request. (the HTML page, stylesheet, images, etc).
- https does not disturb timing much. It does not hide the lenght of request.
- Visit SSL websites and profile the requests. Make a list of the requests, retrieved resources and their lenghts.
- Then observe the sequence of retrieved resource lenghts of the victim. Compare it to the profiles and you can make a relatively good guess about which page they match.
This can further be used by looking at the links on the web-pages on a https protected website. Guess which pages a user are likely to go to from other pages, and you're able to make a good guess at the sequence.