For twelve years, the standard internet encryption has been Transport Layer Security (TLS) 1.2. Following its roots takes you back to the first version of the Secure Sockets Layer (SSL) protocol, which was developed in 1995 by Netscape but never released due to it being riddled with security vulnerabilities. SSL 2.0 and 3.0 quickly followed and were released but also had their issues.
The first iteration of TLS – 1.0 – was based upon SSL 3.0, and was published in 1999 by the Internet Engineering Task Force (IETF). While there are differences, the two protocols share enough similarities that SSL and TLS are often used interchangeably.
In 25 years, we’ve seen the protocols improve, but it’s been incredibly slow going. That’s because TLS, and SSL before it, are both formed on open standards and, in order for them to effectively evolve, they need to be adopted en masse. Device manufacturers, web browser providers, applications (Facebook and its servers, for instance), all have to adopt to ensure there aren’t gaps – but that involves millions of moving parts.
That’s why, despite TLS 1.3 being around since 2018 and offering greater security that TLS 1.2, the latter that remains the de facto standard. There is a big push from US organizations for its widespread adoption, but it’s going to take time.
Other standard protocols that continue to be used are the Domain Name System (DNS) and Hypertext Transfer Protocol (HTTP). The former is often referred to as the “phonebook of the internet’”and is effectively a huge database filled with IP addresses. The latter is used to send data over the connection. Bot ..
Support the originator by clicking the read the rest link below.
