What is SSL and why is it important? Open


SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic schemes that allow a visitor’s web browser to communicate securely with a web server. All sensitive data (credit card numbers, login information, etc.) that is transmitted over the Internet should be protected by SSL/TLS. TLS is simply the more recent version of SSL.

Which is more secure – SSL or TLS?
TLS v1.0 is marginally more secure than SSL v3.0, its predecessor. However, subsequent versions of TLS — v1.1 and v1.2 are significantly more secure and fix many vulnerabilities present in SSL v3.0 and TLS v1.0. For example, the BEAST attack that can completely break web sites running on older SSL v3.0 and TLS v1.0 protocols. The newer TLS versions, if properly configured, prevent the BEAST and other attack vectors and provide many stronger ciphers and encryption methods.

so: In terms of security they both for now considered equally secure.

The main difference is that, while SSL connections begin with security and proceed directly to secured communications, TLS connections first begin with an insecure “hello” to the server and only switch to secured communications after the handshake between the client and the server is successful. If the TLS handshake fails for any reason, the connection is never created.

Unfortunately, even now a majority of web sites do not use the newer versions of TLS and permit weak encryption ciphers, CFTS servers support both SSL and TLS as standard, for web and e-mail access.

Posted 2 years agoby peter
#141729 viewsEdited 2 years ago

Please login to post an answer