TLS and SSL are cryptographic protocols to secure sensitive information transmitted between browsers and servers. These cryptographic protocols allow sensitive information such as credit card numbers, social security numbers, and login details to be transmitted in an encrypted form.

Without SSL/TLS, data transmitted between the browser and server is sent in plain text, which is vulnerable to eavesdropping. Network attackers can easily intercept information transmitted in plain text.


SSL (Secure Socket Layer)

SSL communication protocol was designed in 1996 to provide privacy and reliability between two servers or applications. SSL prevents attackers from compromising the sensitive information traveling between servers or client and server.
 
The latest available version of SSL is 3.0, which was recently found vulnerable. Due to this vulnerability, attackers can extract plaintext of encrypted information from established secure connections. Although SSL 3.0 is an almost 18 years old protocol, it is still widely used in servers and supported by all browsers.

TLS (Transport Layer Security)

TLS is nothing but a new name for SSL. Because after the latest version of SSL 3.0, its predecessor TLS 1.0 was introduced. Hence, TLS 1.0 is just SSL 3.1 but is more reliable. The Subsequent versions of TLS (TLS 1.1 and TLS 1.2) are significantly more secure and fix many vulnerabilities present in SSL v3.0 and TLS v1.0.
 
The newer TLS versions can prevent BEAST, POODLE, and other attack vectors and provide many stronger ciphers and encryption methods. Unfortunately, even now, most websites do not use the newer versions of TLS and permit weak encryption ciphers.

The main difference between SSL and TLS is as below:

SSL connections begin with security and proceed directly to secured communications. Whereas TLS connections begin with an insecure “hello” to the server and only switch to secured communications after the handshake between the client and the server is successful. If the TLS handshake fails for any reason, the connection is never created. The exact differences between SSL-TLS are extremely technical, but in simpler words, we can say that TLS is the latest and more refined cryptographic technology.

Get SSL Certificates »
Was this answer helpful? 1 Users Found This Useful (2 Votes)

Most Popular Articles

Get to know about SSL

This article will provide you with a brief idea of SSL. Starting with what SSL is... The Secure...
What is the charge for SSL certificate purchase and installation?

We are offering different types of SSL certificates. Please refer following URL for available SSL...
What is Server Name Indication (SNI)?

SNI (Server Name Indication) was originally not part of the SSL protocol. However, in 2003 it was...
What does gray padlock with orange sign means in browser URL bar?

The Gray padlock with the Orange sign means the website is partially encrypted with HTTPS. The...
How to export an SSL certificate from Apache server?

When you want to move an SSL certificate from one server to another server, you need to perform...