Transport Layer Security (TLS)

A slightly modified version of Secure Sockets Layer (SSL) version 3, called Transport Layer Security (TLS), has been standardized by the IETF (Internet Engineering Task Force) [RFC 2246]. TLS uses HMAC for its MAC, additional alert codes, different digest functions, and a different set of encryption algorithms.
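The MAC change mentioned above, as an added example that is not part of the original page: the SSLv3 record MAC beside the HMAC-based TLS 1.0 record MAC, following the constructions in the SSLv3 specification and RFC 2246. The function names, key, and record bytes are constructed for illustration.

```python
import hashlib
import hmac
import struct

# SSLv3 pad lengths: 48 bytes for MD5, 40 for SHA-1 (so the SHA-1 pads do
# not fill a 64-byte hash block, unlike HMAC's ipad/opad).
SSL3_PAD_LEN = {"md5": 48, "sha1": 40}


def ssl3_record_mac(hash_name, secret, seq_num, content_type, fragment):
    """SSLv3: hash(secret + pad_2 + hash(secret + pad_1 + seq + type + len + data))."""
    n = SSL3_PAD_LEN[hash_name]
    data = struct.pack(">QBH", seq_num, content_type, len(fragment)) + fragment
    inner = hashlib.new(hash_name, secret + b"\x36" * n + data).digest()
    return hashlib.new(hash_name, secret + b"\x5c" * n + inner).digest()


def tls10_record_mac(hash_name, secret, seq_num, content_type, version, fragment):
    """TLS 1.0: HMAC(secret, seq + type + version + len + data)."""
    header = struct.pack(">QBBBH", seq_num, content_type, *version, len(fragment))
    return hmac.new(secret, header + fragment, hash_name).digest()


def verify_tls10_record(hash_name, secret, seq_num, content_type, version, fragment, mac):
    """Receiver-side check; constant-time compare avoids a timing oracle."""
    expected = tls10_record_mac(hash_name, secret, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, mac)


# Constructed sample values, not taken from a real session.
SECRET = bytes(range(20))            # MAC write secret (SHA-1 sized)
FRAGMENT = b"GET / HTTP/1.0\r\n\r\n"
APPLICATION_DATA = 23                # record content type
TLS_1_0 = (3, 1)                     # protocol version bytes

if __name__ == "__main__":
    mac = tls10_record_mac("sha1", SECRET, 0, APPLICATION_DATA, TLS_1_0, FRAGMENT)
    print("SSLv3 MAC  :", ssl3_record_mac("sha1", SECRET, 0, APPLICATION_DATA, FRAGMENT).hex())
    print("TLS 1.0 MAC:", mac.hex())
    # Same bytes at the wrong sequence number are rejected (replay/reorder).
    print("seq 0 ok   :", verify_tls10_record("sha1", SECRET, 0, APPLICATION_DATA, TLS_1_0, FRAGMENT, mac))
    print("seq 1 ok   :", verify_tls10_record("sha1", SECRET, 1, APPLICATION_DATA, TLS_1_0, FRAGMENT, mac))
```

Besides switching to HMAC, the TLS 1.0 MAC input also includes the protocol version bytes, which the SSLv3 MAC input does not.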

The SSL protocol was originally designed by Netscape, but the basic ideas behind securing TCP had predated Netscape’s work (for example, see Woo [Woo 1994]). Since its inception, SSL has enjoyed broad deployment. SSL is supported by all popular Web browsers and Web servers, and it is used by essentially all Internet commerce sites (including Amazon, eBay, Yahoo!, MSN, and so on).

Tens of billions of dollars are spent over SSL every year.

In fact, if you have ever purchased anything over the Internet with your credit card, the communication between your browser and the server for this purchase almost certainly went over SSL. (You can identify that SSL is being used by your browser when the URL begins with https: rather than http.)

SSL addresses these issues by enhancing TCP with confidentiality, data integrity, server authentication, and client authentication. SSL is often used to provide security to transactions that take place over HTTP. However, because SSL secures TCP, it can be employed by any application that runs over TCP.