SSL (Secure Sockets Layer) and TLS (Transport Layer Security)

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are hybrid encryption protocol for secure data transmission in the Internet. SSL was predecessor. We published about HTTPS (Secure Hypertext Transfer Protocol) before and is based on SSL or TLS to create an encrypted channel. Recently we published an article on how to install SSL Certificate for WordPress on Rackspace Cloud Sites. But for future articles and guide we need a more detailed article explaining SSL (Secure Sockets Layer) and TLS (Transport Layer Security).

Basics of  SSL (Secure Sockets Layer) and TLS (Transport Layer Security)

Transport Layer Security (TLS) is more extensively known with its predecessor’s name called Secure Sockets Layer (SSL). Version 1.0 of  TLS is version 3.1 of SSL. For easy to use and wide usage, we will use SSL to denote the current version of SSL, that means TLS right now. There is change in Standardization authority making to change the name and furthermore, TLS in current technology is more appropriate nomenclature. This explains the relationship of SSL and TSL. These are encryption methods to ensure security.

Usage of SSL or TLS

SSL encryption is now especially used with HTTPS. Most web servers support TLS 1.0, many also support SSL v2 and SSL v3 with a variety of encryption methods, almost all browsers and servers use TLS, but preferably with RSA and AES or Camellia for encryption. SSL v2 is disabled in most current browsers or causes a security warning making user to accept the risk oneself, since this version of protocol has a number of vulnerabilities. Google Chrome supports TLS 1.2 in the default configuration and Opera has support too (as of 08/2012). There is special problem with cross version and technical support of Opera desktop version of Windows OS resulting in a crash.

More and more website owners are using Extended Validation SSL Certificates (EV SSL certificate). In the browser address line, an additional field appears with color code and the domain owner with the certificate authority (like VeriSign) will be displayed.

The advantage of the SSL protocol is the ability to match any higher security layer protocol based on the SSL protocol. The disadvantage of the SSL-encrypted transmission is that the connection setup on the server side computationally intensive and therefore slower. The encryption itself takes depending on the algorithm only little computing time. For advanced Cloud Hosting, this is very negligible.

Looking at the future, we can definitely opine, while creating a serious website consider SSL / TLS from the beginning to avoid the problem with loss of backlinks. As today anyone can buy a .com domain, a SSL obviously makes a website / domain more reliable to any search engine, technically this is logically correct despite whether the officials of the search engines accepts or denies the positive impact of SSL. However, try to use a Cloud Platform on which the RAM and CPU is scalable, otherwise using SSL will slow down the loading or can output a white page.