What is TLS?
Also known as: Transport Layer Security
TLS (Transport Layer Security) is a cryptographic protocol that provides encryption, data integrity, and server (and optionally client) authentication for applications running over TCP.
TLS is a cryptographic protocol that secures communications over a computer network. It runs above the transport layer (typically TCP) and below application protocols like HTTP, SMTP, or IMAP. The protocol provides three core guarantees: confidentiality through symmetric encryption, data integrity through message authentication codes, and endpoint authentication through public key certificates. TLS is the successor to SSL, with the first version (TLS 1.0) defined in RFC 2246 in 1999. The current standard is TLS 1.3, finalized in RFC 8446 in August 2018.
TLS operates through a handshake phase followed by a record protocol phase. In the handshake, the client and server negotiate a cipher suite, exchange cryptographic keys (using algorithms like Diffie-Hellman or ECDHE), and authenticate the server's identity by verifying its X.509 certificate against a trusted root store. TLS 1.3 reduced the handshake to a single round trip (1-RTT) for most connections, and supports 0-RTT for resumption. After the handshake, the record protocol protects application data in fragments, each encrypted and authenticated with the negotiated keys.
TLS is the foundation of HTTPS (port 443) but also secures other TCP-based protocols, including FTPS, SMTPS, and DNS over TLS (DoT). It is maintained by the IETF TLS Working Group. Most TLS implementations are based on OpenSSL, BoringSSL (Google), LibreSSL (OpenBSD), or NSS (Mozilla). While TLS provides strong transport security, its security depends entirely on proper certificate validation, cipher suite selection, and configuration hygiene. Attacks such as POODLE, BEAST, and Logjam exploited weaknesses in older protocol versions or specific cipher choices, leading to the deprecation of SSLv3, TLS 1.0, and TLS 1.1 by major standards bodies and browsers in 2020 and 2021.
Key facts
- Replaced SSL; current version is TLS 1.3 (RFC 8446, 2018).
- Uses a handshake to negotiate cipher suites and exchange keys before encrypting data.
- Operates between the transport and application layers, typically over TCP.
- Provides server authentication using X.509 certificates; client authentication is optional.
- Deprecated versions: SSLv3, TLS 1.0, and TLS 1.1 are considered insecure.
How it works in practice
More in TLS & PKI
ACME Protocol
ACME (Automated Certificate Management Environment) is a protocol that automates the issuance, renewal, and revocation of TLS certificates, defined in RFC 8555.
Certificate Authority
A Certificate Authority (CA) is a trusted entity that issues digital certificates after verifying that the requester controls the domain or identity named in the certificate.
Certificate Chain
A certificate chain is an ordered list of certificates, starting with the server certificate and ending with a root CA, that a client validates to establish trust in the server's identity.
Certificate Pinning
A security technique where an application trusts only a specific, pre-selected certificate or public key for a given server, bypassing the standard chain of trust.
Cipher Suite
A cipher suite is a named set of cryptographic algorithms negotiated during a TLS handshake, specifying key exchange, authentication, encryption, and integrity protection for secure communications.
Domain Validation
Domain Validation (DV) is the lowest level of certificate validation used in TLS/SSL, where the certificate authority verifies only that the applicant controls the domain name, typically via an HTTP or DNS challenge.
ECH
Encrypted Client Hello (ECH) is a TLS extension that encrypts the Client Hello message, including the Server Name Indication (SNI), to prevent on-path observers from learning the target hostname during the handshake.
Extended Validation
Extended Validation (EV) is the highest level of TLS certificate assurance, requiring the certificate authority to perform rigorous, human-verified checks on the legal identity and operational existence of the requesting organization before issuance.
HSTS
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that forces browsers to interact with a website only over HTTPS, preventing downgrade attacks and cookie hijacking.
Intermediate Certificate
An intermediate certificate is a subordinate CA certificate signed by a root CA, used to sign end-entity certificates and enable path validation while the root remains offline.