SSL/TLS — Technology Wiki

Overview

Direct Answer

SSL/TLS is a pair of cryptographic protocols—Secure Sockets Layer (now deprecated) and its successor Transport Layer Security—that establish encrypted communication channels between clients and servers over untrusted networks. TLS remains the industry standard for protecting data in transit, authenticating endpoints, and preventing eavesdropping and tampering.

How It Works

TLS employs a handshake mechanism where client and server negotiate cipher suites, exchange certificates for authentication, and derive shared encryption keys using asymmetric cryptography. Once the handshake completes, application data flows through a symmetric encryption tunnel, with each record authenticated using message authentication codes to detect tampering.

Why It Matters

Organisations require cryptographic protection of sensitive data to meet regulatory compliance (GDPR, HIPAA, PCI-DSS), prevent credential theft, and maintain customer trust. Modern web commerce, banking, and healthcare infrastructure depend on widespread deployment; absence creates significant breach liability and reputational risk.

Common Applications

HTTPS for web browsing, email protocols (SMTPS, IMAPS), VPN tunnels, API communications, and database connections all employ TLS encryption. Financial institutions, healthcare providers, and e-commerce platforms rely on it to secure customer transactions and personal data.

Key Considerations

Certificate management complexity, CPU overhead during handshakes, and version deprecation (SSL 3.0 and earlier remain cryptographically broken) require ongoing operational maintenance. Misconfiguration—weak ciphers, expired certificates, or incorrect hostname validation—remains a common vulnerability vector despite protocol strength.

Cross-References(1)

Networking & Communications

Computer Network

Related in Protocols & Standards

Computer Network

A collection of interconnected computing devices that share resources and communicate using standardised protocols.

TCP/IP

Transmission Control Protocol/Internet Protocol — the fundamental communication protocol suite powering the internet.

HTTP

Hypertext Transfer Protocol — the application-layer protocol for transmitting hypermedia documents on the World Wide Web.

HTTPS

HTTP Secure — an encrypted version of HTTP using TLS for secure communication over the internet.

DNS

Domain Name System — the hierarchical system that translates human-readable domain names into numerical IP addresses.

IP Address

A unique numerical label assigned to each device connected to a computer network for identification and routing.

IPv6

The most recent version of the Internet Protocol, providing a vastly larger address space than IPv4.

Subnet

A logical subdivision of an IP network that improves security and performance by segmenting traffic.

Software-Defined Networking

An approach to networking that uses software-based controllers to manage network behaviour centrally.

Wi-Fi 6

The sixth generation of Wi-Fi technology offering improved speed, capacity, and performance in dense environments.

Network Latency

The time delay between sending and receiving data across a network, measured in milliseconds.

Bandwidth

The maximum rate of data transfer across a network path, typically measured in bits per second.

More in Networking & Communications

Network Monitoring

Protocols & Standards

The practice of continuously observing a computer network for slow or failing components.

Network Function Virtualisation

Cloud Networking

Replacing dedicated network hardware with software running on commodity servers.

Throughput

Protocols & Standards

The actual rate of successful data transfer across a network in a given time period.

mTLS

Protocols & Standards

Mutual Transport Layer Security — a protocol where both client and server authenticate each other using certificates.

Network Resilience

Protocols & Standards

The ability of a network to maintain acceptable service levels despite faults, challenges, and threats.

Mesh Network

Protocols & Standards

A network topology where each node relays data for the network, providing self-healing and redundant paths.

Reverse Proxy

Infrastructure

A server that sits in front of web servers and forwards client requests to the appropriate backend server.

Proxy Server

Infrastructure

An intermediary server that forwards requests between clients and other servers, providing security and caching.