TLS
Stands for “Transport Layer Security.” TLS is a data encryption technology that provides secure data transfers. It encrypts (or scrambles) all data sent from one system to another. Any third party that attempts to “eavesdrop” on the transfer will be unable to recognize the data.
TLS can encrypt data transfers over any network, from a small local area network to the Internet. Secure websites, for example, use TLS to deliver website content over HTTPS. Email protocols, such as IMAP and SMTP, also support TLS.
Secure protocols typically require a different port number than their non-secure counterparts. Below are the standard non-secure and secure (TLS) ports for web and email connections:
HTTP: port 80
HTTPS: port 443
IMAP (standard): port 143
IMAP (secure): port 993
SMTP (standard): port 25
SMTP (secure): port 587
TLS vs SSL
TLS is the successor to SSL, or Secure Sockets Layer. It was introduced in 1999 as a more secure means of encrypting data transfers. TLS 1.0 and 1.1 (introduced in 2006) were backward-compatible with SSL. While this simplified the transition process, it also compromised security, since it allowed systems to use the less-secure SSL option.
In 2008, TLS 1.2 eliminated backward-compatibility with SSL. It also replaced the MD5-SHA-1 encryption algorithm with stronger SHA-256 encryption. TLS 1.3, introduced in 2018, added several additional security improvements.
Common web browsers, such as Chrome, Safari, Edge, and Firefox, deprecated TLS 1.1 and earlier in 2018. Today, most web servers and mail servers require TLS 1.2 or 1.3.
NOTE: As of 2020, “SSL” is still an acceptable way to refer to secure connections, even if they use TLS. For example, many network and server admins say “SSL” when talking about secure connections that use TLS. Additionally, secure certificates are still called “SSL certificates,” even though most operate over TLS.
Updated November 14, 2020 by Per C.
APA
MLA
Chicago
HTML
Link
https://techterms.com/definition/tls
Copy