The modern “trusted Internet” is synonymous with two ubiquitous technologies: Secure Sockets Layer (SSL) and Transport Layer Security (TLS). This article deals with both. When accentuating their similarities, they’ll be dealt with together; at times, however, we’ll differentiate between the two. Regardless of which technology we’re discussing, cryptographic keys allow for encrypted private conversations between remote parties while digital certificates ensure that servers truly belong to the entities for which they represent online. These components comprise the Public Key Infrastructure (PKI) that makes secure conversations and transactions possible on the inherently insecure public Internet.
What indicators come to mind when you think of the “trusted Internet?” Is it the padlock icon? Or is it perhaps the “https://” designation in the browser address bar? Have you ever really looked at a digital certificate and verified that it is issued by a recognizable certificate authority (CA)? SSL encompasses all of these elements and more.
SSL became an Internet standard in 1994, with TLS being added soon thereafter. Both are constructed around a similar architecture using X.509 certificates. Although there are some differences between SSL and TLS, this document generally refers to the protocol as SSL/TLS, since the two share a common architecture. SSL/TLS is most often represented as HTTPS, but the protocol can be used to secure any TCP-based application. SSL/TLS is also popular for encrypting traffic between email clients and POP or IMAP servers, setting up secure tunnels between IDS sensors and management consoles, and supporting VPNs as a lower-cost alternative to IPSec.
SSL 3.0 debuted in 1996 and quickly became the Internet’s primary security mechanism. TLS is the successor protocol to SSL, allowing clients and servers to specify accepted hash and signature algorithms and support additional cipher suites. TLS 1.3 rolled out in 2018 and included several security and performance improvements. It also removed obsolete and insecure features from the 2008 TLS 1.2.
As of August 2019, best security practices by the National Institute of Standards (NIST) requires all government TLS servers and clients support TLS 1.2 (configured with FIPS-based cipher suites) and recommends agencies develop plans to support TLS 1.3 by January 1, 2024.
With cybersecurity at the forefront in this digital age, more internet users are wondering, “What does SSL mean?” and “How secure are the sites I use?” It benefits every website owner to know the answers and to take the necessary steps to establish trust with visitors to their site. And now we’ve covered what SSL means, but what is an SSL certificate? Read on.
SSL/TLS certificates play a critical role in secure and encrypted communications between a client and a server. First, the server’s certificate, containing its public key, is used by the client to determine whether the client should accept a trust relationship with the server. If the client accepts or validates the authenticity of the server, then the server certificate is used to establish a secure, encrypted channel for the ensuing session. These protocols are not new.
Most of us have probably heard of SSL even if we don’t come from a cybersecurity background—and even if our eyes have only glazed past the term on our browsers. But what does SSL stand for? SSL stands for Secure Sockets Layer, and TLS stands for Transport Layer Security. They are online security protocols to protect data sent across the internet.
An SSL certificate encrypts sensitive information, provides authentication, and bestows trust. The primary purpose of SSL is to encrypt sensitive information that is sent across the internet so that only the intended recipient can access it, protecting information against hackers and identity thieves.
An SSL certificate through a trusted provider also supplies verified authentication, so you can be sure that you are sending information to the right server, and not to a malicious imposter. A secure connection through SSL also instills more trust in your customers.