Nick McCoy
Email and Web Services NT2670
5 August 2014
TLS VS SSL
As some know TLS (transport Layer Security) and SSL (Secure Socket Layer) are protocols that encrypt data and authenticate applications and servers. But some people don’t know what the difference is between these two. Well, I’m going to shed some light on that and make it easier to understand. A lot of people think that TLS and SSL are used interchangeably or are in conjunction with each other they are right but not fully correct, and the reason is one is not like the other it is a predecessor of the other and here is why. SSL served as a basis for TLS now with that being said some refer to it as SSL 3.1 So the difference would be that SSL is by port and TLS is by protocol, so that’s the difference.
SSL and TLS are not compatible for instance if you have a program that can only speak SSL and not TLS, but want to connect to the service that only supports TLS you just cannot simply do it the reason is the program you are using wants to talk security first, but when it is received on the TLS end it wants to talk business first they don’t mix you cannot do it, so they are not compatible with each other. It’s like trying to fit a square in a triangle block in a square hole cannot do it.
Is TLS or SSL more Secure? Let’s find out.
TLS is the winner no matter what version and the reason are TLS v1.0 is more reliable than SSL v3.0 which is TLS predecessor, but however Versions 1.1 and 1.2 of TLS are far more secure and fix all vulnerability’s present in Version 3.0 of SSL and version 1.0 of TLS and the idea behind TLS being the winner of being the most secure is newer TLS if configured correctly can prevent what’s called a BEAST attack and other attack vectors and provides very strong encryption unlike SSL v3.0 and TLS v1.0 a BEAST attack will ultimately break web sites that run those two configurations