What is the full form of SSL and TLS?
what is the difference between them?
SSL is short for Secure Sockets Layer and it refers to a method used to transmit a secure connection over an insecure network. TLS or Transport Layer Security is based on the same protocol, SSL with extra features for use as a client/server protocol.
See Wikipedia: TSL & SSL Protocol for more details. ?". SSL itself was originally called "secure socket layer," and was only ever used for network protocols. The difference between SSL and TLS is that in order for TLS to provide security, it relies on SSL. When an SSL connection is established, the endpoints first exchange a few low-level messages that serve to enable TLS (the Transport Layer Security portion of the protocol, see above) to work. Then there's a handshake that establishes trust in the client and then authenticates (authenticates as true).
Why do people use SSL?
Why not just use an SSH tunnel?
Let me preface this by saying I do not know if this is a good way to encrypt your data over a network. If I do not know the answer, then there is probably a good reason that I am not aware of. So, if you are in a position to ask a question, and you do not have answer, then you probably should not be asking the question. You can always ask on the mailing list, but I think it is better to find out from a smart person first before you do that.
Some people use SSL just for the ease of using the web browser (in which case, there is no reason to use a tunnel) and some people use SSL because they think that it provides additional security. In my opinion, SSL is mostly a marketing tool for large companies that use it for no reason.
The reason I have chosen to answer this question here is that the question was asked in the context of Tor. One of the things I would like to say is that I would not use any of these techniques. I will be using them to test the effectiveness of security.
When I ask questions about security, I usually like to make the question as simple as possible so that I can use the simplest possible implementation. The question is simple enough that it only needs to be answered by describing the smallest application you can think of that does what you want it to do. So, if you can think of a simpler implementation that does what you want, then you should describe the simplest one.
Before I start, I would like to talk about the motivation for asking this question. As I have explained in the title, most people do not need SSL. It is hard to explain, but just try to think of the number of people who have ever sent an email message that is not publicly available. You may say that most people who send email would want to keep it private, but that is not quite true. Most people want to read other people's email. Sending email is not a private act.
There is one group of people that should use SSL: the hackers. The good ones use it for one of two reasons: (1) To make their activities more difficult to trace, or (2) To make it difficult for the organization that is trying to detect their activities.
So, that is the motivation for using SSL. How does it work?
What is SSL using for?
If we take a step back for a minute, you may be wondering why anyone would use an encrypted connection.
The answer to this question is very simple. SSL is the same as HTTPS, but it's more secure. That means that SSL does not require you to share your username and password with anyone. SSL is also a very good tool to use when someone is watching your browsing activity or you want to protect your data.
What is HTTPS? To answer this question, let's start from the beginning. HTTPS is a protocol that connects web browsers and web servers, where the traffic is encrypted. There are a lot of things in between these two components, so for now, I'll just talk about the components and how they work together. Let's start from the beginning.
The basic idea behind HTTPS is that your web browser connects to a server on the Internet. This server has a public IP address and a domain name, such as This connection is encrypted with the help of a special algorithm (we'll get to this part in a bit).
When you visit a website that uses HTTPS, the website's server is firstly able to tell you what version of TLS/SSL you have, and if you are using a secure connection, it will also show you a green padlock. This is a sign that the website is using HTTPS, and the traffic is encrypted.
The browser then requests a certificate from a Certificate Authority (CA). This certificate shows that a company controls this website and that they are allowed to send traffic over the internet.
Your web browser then checks if the certificate is valid. If it's valid, the browser creates a secret key and signs it with the certificate. This key is then used to encrypt the traffic between your computer and the website's server.
After all of this, the browser sends the encrypted traffic to the server. The server decrypts the traffic and the website is able to display the information you requested. This all happens in a matter of seconds.
How SSL works? If you look at the diagram above, you might be wondering how SSL works. We just said that it encrypts your traffic, so what is it actually doing? Let's take a step back and see what SSL is doing.
Related Answers
What is TLS/SSL Protocol?
TLS stands for Transport Layer Security and it is a protocol used to create a secure connect...
Which is more secure SSL TLS or HTTPS?
and SSL? I know the difference between TCP/IP vs. IP, or S...
What are SSL VPNs used mostly for?
If you are looking to protect your private data online, one of the best things you c...