Transport Layer Security (TLS)

Transport Layer Security (TLS)

Nov 13, 2018

TLS is the successor to the Secure Sockets Layer (SSL). TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol provides connection security with some encryption methods such as the Data Encryption Standard (DES). The TLS Record Protocol can also be used without encryption. The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. The TLS protocol is based on Netscape’s SSL 3.0 protocol; however, TLS 1.1 and above are not interoperable with SSL. The most recent browser versions support TLS. The TLS Working Group, established in 1996, continues to work on the TLS protocol and related applications. TLS 1.1 or greater is the currently accepted standard. PCI-DSS extended the migration completion date to June 30, 2018 to a minimum standard of 1.1. NIST.gov TLS 1.0 is being turned off.

Sub Topics