TLS/SSL encryption is a communication protocol that encrypts data sent between a
client and a server, such as a web browser and a website:
What is TLS/SSL encryption?
SSL/TLS stands for: Secure Sockets Layer and Transport Layer Security.
How it works: SSL/TLS uses both asymmetric and symmetric encryption to protect
data. Asymmetric encryption establishes a secure session, while symmetric
encryption exchanges data within that session.
Why it's important: SSL/TLS protects sensitive data like passwords and payment
information from being viewed or tampered with. It also verifies the identity of
the domain owner.
How it's used: A website must have an SSL/TLS certificate to use SSL/TLS
encryption. The certificate allows the client and server to negotiate the level of
encryption.
TLS vs SSL: TLS is the more modern and secure replacement for SSL. TLS fixes
vulnerabilities in SSL and authenticates more efficiently. SSL was compromised by
several vulnerabilities and was replaced in 2015.
Commonly used term: Most people use the term SSL because it's more widely known.
Types of certificates: There are different types of SSL/TLS certificates,
including:
Domain Validated (DV) Certificates
Organization Validated (OV) Certificates
Extended Validation (EV) Certificates
Wildcard Certificates
