[99s-extend] websocket over ssl

[e at bestmx.net]

Hello all.

I am trying to alter my cowboy-based websocket server from plain to SSL 
connection.
And I found out that I have failed to understand very basics of the 
combination of WS and SSL.

As far as i've understood the very nature of the WS it is a bit altered 
http connection (i open the http connection first, and then i change its 
status to WS)

On the other hand the whole "HTTP story" could be wrapped into SSL, so 
that SSL is an outer layer of data encoding (as seen transparent by an 
application)

thus,
if I open HTTPS connection (which implies SSL enveloping) and then alter 
the connection status to WS, the whole "WS story" appears naturally 
INSIDE THE PREVIOUSLY ESTABLISHED SSL CONNECTION.

Is it true?

In this regard i can hardly find a place in this world for the "WSS" 
term, what does it stand for?

Please, help me fit it in my head.

However, i might be confusing some Client-Side entities, that are 
involved in the process of starting up my WebSocket.

I am using a Browser with JavaScript.

The semantics of the very WebSocket.start() operation is not enough 
clear to me. Please, do not laugh.

when i do JS WebSocket.start() does it:
(a) opens an http connection and then alters it to WS
(b) alters the connection in the context of which the JS process is running
????

I'll be damned if the answer was lying on the surface of the internet!

The third part of this ugly question is about cowboy actually.
How all these entities mentioned above do map into my_app.erl file?
what particular bits of cowboy's "configuration" (may i call this 
particular piece of code a "setup" or "config"?) affect what aspects of 
the connection initialization.

well, i am afraid it could be put in a simpler way:
"Exactly When and Where the WSS story begins?"