Transport Layer Security (TLS) is a security protocol used to protect data on the internet. It encrypts communication between web applications and servers, such as a web browser loading a website. It can also be used to encrypt other types of communication, such as email, messaging, and VoIP (voice over IP). TLS evolved from an earlier encryption protocol called Secure Sockets Layer (SSL), which was developed by Netscape. TLS was first published in 1999 as an update to and continuation of SSL; the most recent version is TLS 1.3, published in 2018.
TLS provides three main components of security: encryption, authentication, and integrity. Encryption hides the data being transferred from third parties, authentication ensures that the parties exchanging information are who they claim to be, and integrity verifies that the data has not been tampered with or forged. For a website or application to use TLS, it must have a TLS certificate, purchased from a certificate authority, installed on its origin server. The TLS connection between the client and server is initiated using a sequence known as the TLS handshake, which establishes a cipher suite for each communication session to specify which encryption keys will be utilized.
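The three properties above map onto concrete client settings. The following is an added example, not code from the original page: it uses Python's standard `ssl` module to build a client context that enforces each property and to audit a context for settings that weaken one. The function names and the choice of TLS 1.2 as the version floor are assumptions made for illustration.

```python
import ssl

def hardened_client_context():
    """Client context that enforces encryption, authentication and integrity."""
    ctx = ssl.create_default_context()            # trusts the system CA store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSL 3.0, TLS 1.0, TLS 1.1
    ctx.verify_mode = ssl.CERT_REQUIRED           # certificate must chain to a trusted CA
    ctx.check_hostname = True                     # certificate must match the host name
    # Restrict TLS 1.2 to AEAD suites (TLS 1.3 suites are always AEAD).
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx

def weak_client_context():
    """Constructed counter-example: every protection switched off."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                    # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE               # any certificate is accepted
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx

def audit_context(ctx):
    """Return a list of findings, each tagged with the property it affects."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("authentication: certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("authentication: host name is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("encryption: protocol versions below TLS 1.2 are allowed")
    # AEAD suites provide encryption and integrity in a single primitive;
    # anything else is a legacy CBC/HMAC-style construction.
    legacy = [c["name"] for c in ctx.get_ciphers() if not c["aead"]]
    if legacy:
        findings.append("integrity: %d non-AEAD cipher suites enabled" % len(legacy))
    return findings

if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weak", weak_client_context())):
        print(name, audit_context(ctx) or "no findings")
```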
The latest versions of TLS have little impact on web application performance. Some load time and computational power may be expended during the complex process of setting up a TLS connection, but technologies like TLS False Start and TLS Session Resumption help mitigate potential latency created by the TLS handshake. TLS is a very fast protocol that should not noticeably affect load times, and the computational costs associated with it are mostly negligible by today’s standards.
Looking to learn more? We suggest heading over to Cloudflare’s Learning Center for an in-depth look at TLS.