From InfoAnarchy
Jump to: navigation, search

See also: Security | Cryptography | SSL

Acronym: Transport Layer Security

The more secure successor to Secure Sockets Layer (SSL). It is based on the SSL protocol but the systems are not interoperable. However, TLS does allow backing down to SSL 3.0. Internet Explorer does not currently support TLS and no plan to impliment it is yet known.

According to the RFC, TLS has three major goals, in order of their priority:

1. Cryptographic security: TLS should be used to establish a secure

connection between two parties.

2. Interoperability: Independent programmers should be able to

develop applications utilizing TLS that will then be able to

successfully exchange cryptographic parameters without knowledge

of one another's code.

3. Extensibility: TLS seeks to provide a framework into which new

public key and bulk encryption methods can be incorporated as

necessary. This will also accomplish two sub-goals: to prevent

the need to create a new protocol (and risking the introduction

of possible new weaknesses) and to avoid the need to implement an

entire new security library.

4. Relative efficiency: Cryptographic operations tend to be highly

CPU intensive, particularly public key operations. For this

reason, the TLS protocol has incorporated an optional session

caching scheme to reduce the number of connections that need to

be established from scratch. Additionally, care has been taken to

reduce network activity.