Getting To Know SSL
SSL (now known as TLS) is a protocol which allows client/server applications to communicate across a network in such a way designed to prevent eavesdropping and tampering. SSL/TLS provides endpoint authentication and communications confidentiality over the Internet using cryptography.?
A prominent use of TLS is for securing web traffic carried by HTTP to form HTTPS (Hyper Text Transfer Protocol Secure) where they are known as Public SSL Certificates. HTTPS appears in the URL (or your address bar) when a website is secured by an SSL certificate. You will be able to view the details of the SSL certificate, including the issuing authority and the corporate name of the website owner, by clicking on the lock symbol on the browser bar. SSL applications of note are for e-commerce and asset management.?
The Simple Mail Transfer Protocol (SMTP) used by your email applications is also protected by TLS. These applications use public key certificates to verify the identity of endpoints.?
SSL is short for Secure Sockets Layer and it is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing cybercriminals from reading and modifying any information transferred, including potential personal details. The two systems can be a server and a client (for example, a shopping website and browser) or a server to server (for example, an application with personal identifiable information or with payroll information).?
SSL/TLS does this by making sure that any data transferred between users and websites, or between two systems remain impossible to read. Encryption algorithms are used to scramble the data in transit, preventing hackers from reading it as it is sent over the internet connection. This information could be anything sensitive or personal which can included debit card numbers and other financial information, names and addresses.?
TLS (Transport Layer Security) is the updated, more secure, version of SSL. We still refer to security certificates as SSL because it is a more commonly used term. However, the SSL and TLS acronyms can be used interchangeably, except when referring to a specific version.?
The Development of the SSL Protocol
TLS 1.3 is an approved Internet Standard. It is based on the earlier TLS 1.2 specification. TLS 1.3 removes obsolete and insecure features from the earlier TLS 1.2.?Because the protocol is in a sense more simplified, it makes it less likely for administrators and developers to misconfigure the protocol.?
领英推荐
The earlier historical versions of SSL/TLS are: SSL v2.0; SSL v.0; SSL v.3.0; and TLS v1.0; TLS v1.1 and TLS v1.2
DigiCert Inc are a world recognised provider of digital trust, including SSL/TLS certificates, across all use cases with a market penetration of over 27% as of January 2020. In addition, DigiCert have over 60% of all EV (Extended Validation) SSL certificates issued worldwide.
Reference: DigiCert SSL/TLS Best Practice Student Guide [2020]