SSL/TLS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols designed to provide secure communication over networks, most commonly the internet. SSL was originally developed by Netscape in the 1990s, with SSL 3.0 being the last version before TLS took over. TLS 1.0, released in 1999, was based on SSL 3.0 but with security improvements.

The current versions in use are TLS 1.2 (2008) and TLS 1.3 (2018), with older versions being deprecated due to security vulnerabilities. Despite TLS being the current standard, the terms SSL and SSL/TLS are still commonly used interchangeably in the industry. These protocols provide three main security services: encryption (confidentiality) to prevent eavesdropping, authentication to verify the identity of communicating parties, and integrity to detect tampering with transmitted data.

TLS operates between the application layer and transport layer, making it transparent to applications while securing the underlying network communication. Modern TLS implementations support various cryptographic algorithms and provide features like Perfect Forward Secrecy, which ensures that past communications remain secure even if long-term keys are compromised.