
Transport Layer Security (TLS)

Meitar M edited this page Jul 14, 2019 · 2 revisions


You may not have realized it, but you're already familiar with Transport Layer Security (TLS) because it is represented by the lock icon in or near your Web browser's address bar when you visit an HTTPS ("secure HTTP") website. The TLS protocol is a mechanism by which an application, such as your Web browser, can request the identity of another computer, such as the Web server providing the Web page you're viewing, verify that the server is telling the truth about who it is, and then initiate an encrypted connection to that computer, all without needing to know anything about that server ahead of time. This makes TLS arguably one of the most important and almost certainly one of the most widely used encryption protocols ever designed. It was instrumental in enabling e-commerce, online banking, and more back when it was still called the Secure Sockets Layer (SSL) in the 1990s. Today, TLS is used to help keep your Web browsing, email, and instant message (IM) conversations private between you and the Web server, email server, or chat server to which you've connected.

As its name implies, however, Transport Layer Security is not a panacea; it is only intended to protect your data during transport from your computer to the computer it was destined for. This is why there are no passwords to enter when you use it, and why Web pages or your email messages still look like readable, plain text when you receive them. Encryption happens just prior to transmission, and decryption happens just after receipt of the transmission and before displaying the message, making it feel "transparent," or automatic, while you're browsing or emailing. This also means TLS is not a replacement for password-protecting or encrypting the contents of your messages by using other tools such as PGP/GPG, the Signal Private Messenger, and so forth.
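
The identity check and the "transparent" encryption described above, as an added example using Python's standard `ssl` module (it is not part of the original wiki page). The function names and the sample certificate are constructed for illustration, and `fetch_over_tls` needs network access to run.

```python
import socket
import ssl


def verifying_context() -> ssl.SSLContext:
    """Client context that checks the certificate chain and the hostname."""
    ctx = ssl.create_default_context()            # loads the system's trusted CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSL-era protocol versions
    return ctx


def summarize_cert(cert: dict) -> dict:
    """Pull the identity fields out of a dict shaped like SSLSocket.getpeercert()."""
    def flatten(name):  # a tuple of RDNs, each a tuple of (key, value) pairs
        return {k: v for rdn in name for k, v in rdn}
    return {
        "subject": flatten(cert.get("subject", ())).get("commonName"),
        "issuer": flatten(cert.get("issuer", ())).get("organizationName"),
        "dns_names": [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"],
        "expires": cert.get("notAfter"),
    }


def fetch_over_tls(host: str, port: int = 443) -> dict:
    """Connect, let TLS verify the server's identity, then send a plaintext request."""
    ctx = verifying_context()
    with socket.create_connection((host, port), timeout=10) as raw:
        # The handshake happens in wrap_socket(); an untrusted or mismatched
        # certificate raises ssl.SSLCertVerificationError before any data is sent.
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            info = summarize_cert(tls.getpeercert())
            info["protocol"], info["cipher"] = tls.version(), tls.cipher()[0]
            # The application writes and reads ordinary bytes; encryption and
            # decryption happen inside the TLS socket, invisibly to this code.
            request = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
            tls.sendall(request.encode())
            info["first_line"] = tls.recv(4096).split(b"\r\n", 1)[0].decode(errors="replace")
    return info


# Constructed sample in getpeercert() format (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "issuer": ((("countryName", "XX"),), (("organizationName", "Example Test CA"),)),
    "subjectAltName": (("DNS", "www.example.test"), ("DNS", "example.test")),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}
```

Calling `summarize_cert(SAMPLE_CERT)` works offline; `fetch_over_tls("example.org")` performs the real handshake and returns the verified identity alongside the negotiated protocol version and cipher.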

See also The Illustrated TLS Connection: Every byte of a TLS connection explained and reproduced.
