SSL vs TLS

TLS (Transport Layer Security) is a cryptographic protocol designed to protect the communication link or transport layer. TLS can secure communication over insecure infrastructure by protection information in transit.

TLS version 1.3 is the most recent and actively used version of the cryptography protocol suite and comes with several security and performance enhancements relative to the now obsolete SSL version 3.0 protocol.

The original cryptography protocol was SSL version 2 and was developed by Netscape and released in 1994, this evolved into SSL version 3 which was released by Netscape in 1995.

In 1999, TLS version 1.0 was released as RFC 2246 with very minor differences to SSL version 3. This evolved into the release of TLS version 1.1 in 2006 which included several security fixes. TLS version 1.2 was released in 2008 enabling a fully flexible protocol that included support for authenticated encryption and the removal of hard-coded security primitives.

TLS version 1.3 was released in 2018 and is the newest version of the transport layer security protocol and provides reliable encryption over the internet. The main focus of TLS version 1.3 was on faster speeds and stronger security.

The SSL protocol was originally developed by Netscape in 1994 and through a TLS working group the SSL protocol was migrated over to the Internet Engineering Task Force. At the time there were big political fights between Netscape and Microsoft for dominance over the Web. To please Microsoft the protocol name Secure Sockets Layer (SSL) was renamed to Transport Layer Security (TLS).

SSL version 3 is older than TLS 1.3 and the SSL version 3 protocol is now obsolete.

TLS 1.3 includes enhancements that enable faster speed and stronger security. Users benefit from faster and more secure browsing with a 100ms improvement in the handshake.

TLS 1.3 enables users to enjoy better connections and faster browsing without having to upgrade other internet services. Network Operations teams that are responsible for delivering business-critical applications and services rapidly and efficiently will be able to ensure that their network runs fast and stays secure.

TLS 1.3 is supported by applications on both the client-side and the server side. In the context of the client side applications, TLS 1.3 is supported by most popular browsers such as:

• Google Chrome – Version 67+
• Mozilla Firefox – Version 61+
• Apple – Mac OS 10.3 & iOS 11

On the other hand a server can be upgraded to support TLS 1.3 by updating the TLS/SSL library to one of the versions below:

• Open SSL 1.1.1
• GnuTLS 3.5.x
• Google’s Boring SSL (current)
• Facebook’s Fizz (current)