Monday, December 10, 2018

Is SSL and TLS same or different?


Yes, many people are using these terms interchangeably. But in today’s time, right term would be TLS. Well, understand what is this TLS and why do we really need it?

Most of us are already aware that HTTP is a plain text protocol which doesn’t have its own transport security mechanisms. In other words, HTTP is a protocol which sends data to a server and gets a response without any built-in feature or mechanism to protect data packet against tampering.

To protect our packet which is travelling through HTTP, some sort of secure tunneling is required and that secure tunneling is provided by a protocol called TLS a.k.a. SSL. Here HTTP and TLS comes together.

Usually people associate SSL/TLS with encryption, but that is not the only feature SSL provides. There are few more features as:

Server Authentication – It makes sure that communication with the right server is made
Veracity Protection – It promotes integrity and makes sure that none in between is reading our data
Confidentiality – It makes sure that none should know what data is being transmitted

Associating above features with HTTP makes HTTPs more reliable and authentic. Now question may be, how to achieve this or how to implement this SSL. Here comes in the requirement of certificates. Do wait for my next article to know more on certificates.

Happy learning.

1 comment: