U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Secure Sockets Layer (SSL)

Abbreviation(s) and Synonym(s):

SSL
Transport Layer Security (TLS)

Definition(s):

  Provides privacy and data integrity between two communicating applications. It is designed to encapsulate other protocols, such as HTTP. TLS v1.0 was released in 1999, providing slight modifications to SSL 3.0.
Source(s):
NIST SP 800-95 under Transport Layer Security (TLS) IETF RFC 2246

  Provides privacy and reliability between two communicating applications. It is designed to encapsulate other protocols, such as HTTP. SSL v3.0 was released in 1996. It has been succeeded by IETF's TLS.
Source(s):
NIST SP 800-95 SSL 3.0 specification

  A protocol used for protecting private information during transmission via the Internet. Note: SSL works by using the service public key to encrypt a secret key that is used to encrypt the data that is transferred over the SSL session. Most web browsers support SSL and many web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with “https:” instead of “http:”. The default port for SSL is 443.
Source(s):
CNSSI 4009-2015 under secure socket layer (SSL)

  See Transport Layer Security (TLS).
Source(s):
NIST SP 800-63-3

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by RFC 5246. TLS is similar to the older SSL protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations, specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-3 under Transport Layer Security (TLS)

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by RFC 5246. TLS is similar to the older SSL protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations [NIST SP 800-52], specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-3 under Transport Layer Security (TLS)

  An authentication and security protocol widely implemented in browsers and web servers. SSL has been superseded by the newer Transport Layer Security (TLS) protocol; TLS 1.0 is effectively SSL version 3.1.
Source(s):
NIST SP 800-63-2 [Superseded]

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by [RFC 2246], [RFC 3546], and [RFC 5246]. TLS is similar to the older Secure Sockets Layer (SSL) protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-2 under Transport Layer Security (TLS) [Superseded]