SSL –Secure Sockets Layer
It is the early protocol or cryptographic technology that ensure communication security over computer network.
SSL has found wide range application including web browsers, email server, internet messaging, and voice over internet. SSL is now deprecated and has been succeeded by Transport Layer Security
TLS – Transport Layer Security
It is the successor of SSL. It is primary used to secure all internet communication between server to server, servers to browser.
TLS has 3 qualities that ensures its success.
- Private or Secure Connection
- Identity Authentication
- Reliable Connection
Secure Connection – each connection is secured using symmetric cryptography, where server and client negotiate which key and cryptographic algorithm to use before transmission of the first byte – this is known as shared secret.
Identity Authentication – the identity of communicating parties is authenticated by a public key cryptography, at least one of the parties has to be authenticated, usually the server.
Reliable Connection/Transmission – every message includes a message authentication code which checks the integrity of the message to ensure no undetected packet losses or alteration during transmission.
SSL/TLS – The default cryptographic standard for internet communication as at 2018 is TLS1.3 but the name SSL stuck and has not been dropped despite SSL 3.0 protocol being deprecated in 2015 and therefore SSL is used interchangeably to refer to the standard or default cryptographic technology.
SSL/TLS as well is used to refer to the default TLS protocol.