TLS (Transport Layer Security)

TLS (Transport Layer Security), defined in RFC 2246, is a protocol for establishing a secure connection between a client and a server. TLS (Transport Layer Security) is capable of authenticating both the client and the server and creating a encrypted connection between the two.

The TLS (Transport Layer Security) protocol is extensible, meaning that new algorithms can be added for any of these purposes, as long as both the server and the client are aware of the new algorithms.

SSL vs. TLS

TLS (Transport Layer Security) is a replacement for Netscape's earlier SSL (Secure Sockets Layer) protocol.

TLS Usage

Many protocols use TLS (Transport Layer Security) to establish secure connections, including HTTP, IMAP, POP3, and SMTP.

The TLS Handshake Protocol

The TLS Handshake Protocol first negotiates key exchange using an asymmetric algorithm such as RSA or Diffie-Hellman. The TLS Record Protocol then begins opens an encrypted channel using a symmetric algorithm such as RC4, IDEA, DES, or 3DES.

The TLS Record Protocol

The TLS Record Protocol is also responsible for ensuring that the communications are not altered in transit. Hashing algorithms such as MD5 and SHA are used for this purpose.

A Free Implementation of TLS

The OpenSSL Project is a non-commercial toolkit implementing the TLS (Transport Layer Security) protocols.