The first version would go unpublicized, due to various security flaws.ġ995 – SSL version 2.0 is released. Scientists believe that APIs could facilitate the effort to secure existing network applications.ġ994 – Taher Elgamal, Netscape’s chief scientist, comes up with the version 1.0 of the Secure Socket Layer protocol. The SNP (Secure Network Programming) API is created.
Both TLS and SSL are being pushed as standards for secure network communication.ġ993 – Research into the transport layer security variant begins. The purpose of Project SDNS was to revamp the existing approach to secure the computer comm over the network.ġ987 – Project SNDS’ highlights and innovations are presented during the 10 th National Computer Science Security Conference. Among them are NSA, National Bureau of Standards, and the Defense Communication Agency. Several governmental and non-governmental agencies participate. Here are the events that led to the adoption of TSL and the deprecation of SSL.ġ986 – Project Secure Data Network System (SDNS) is set in motion. To fully understand why the adoption of TSL was imperative, let’s take a closer look at the chronology.
The Transport Layer Security protocol has a long-winded history, but everyone agrees (to disagree!) that it was a ‘necessary evil’, in the sense that its creators wanted to find a way to overcome the shortcomings of SSL ( Secure Sockets Layers), TLS’s predecessor. However, in practice, there are some types of applications that ‘override’ TLS’ security functions, employing it as a transport medium. Given the fact that TSL is security and not a transport protocol, it’s designed to run on top of some type of transport protocol TCP is an as good example as any. TLS gets its name from the rather peculiar way it differentiates itself from the single-layer model, ascribed to the OSI (Operation System Interconnection) and the TCP/IP models. WhatsApp), emailing your manager, or communicating over a VoIP application. Virtually everything we know about the Internet revolves around the concept of secure communications, regardless if it’s web surfing, sending an instant message over a dedicated platform (i.e. What is Transport Layer Security?Īccording to the RFC 5246 whitepaper, published on IETF’s (Internet Engineering Task Force) website, TLS is a cryptographic protocol, designed to safeguard the communication between a client and a server. In seeing how many sysadmins or even simple users get bogged down by the intricacies of security protocols, in today’s article we will be tackling one of the gold standards of secure communication: The Transport Layer Security or TLS. To call them perplexing, would be a major understatement – unless you’ve majored in computer sciences or cryptography, of course. By now, you must have stumbled upon alien-like concepts such as “SSL”, “TLS”, “handshake protocol”, “AES”, or “MD5-SHA-1”. Every online ‘novitiate’ begins with an exercise in security.