TLS is the primary mechanism to encrypt HTTP, which is then called HTTPS.

SSL became TLS after SSL 3.0.

TLS can be used to encrypt any communication over the internet.

TLS Architectures

You first establish a session to agree on security parameters, and then you create connections within that session to transmit data securely. This approach optimizes performance by reducing the overhead of repeatedly negotiating security parameters for each new connection.
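The session/connection split described above, sketched as an added example that is not part of the original notes. It assumes the TLS 1.2 key derivation from RFC 5246 (HMAC-SHA256 PRF) with an AES-128-GCM suite; TLS 1.3 derives keys differently. The class and function names are hypothetical and all byte values are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5, instantiated with HMAC-SHA256."""
    out, a = b"", seed                                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()     # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    return p_sha256(secret, label + seed, length)

@dataclass(frozen=True)
class Session:
    """Session state: agreed once by the full handshake, then reused."""
    session_id: bytes
    cipher_suite: str
    master_secret: bytes          # always 48 bytes in TLS 1.2

@dataclass(frozen=True)
class Connection:
    """Connection state: fresh randoms and traffic keys per connection."""
    client_random: bytes
    server_random: bytes
    client_write_key: bytes
    server_write_key: bytes
    client_write_iv: bytes
    server_write_iv: bytes

def full_handshake(session_id, pre_master, client_random, server_random) -> Session:
    ms = prf(pre_master, b"master secret", client_random + server_random, 48)
    return Session(session_id, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", ms)

def open_connection(session: Session, client_random, server_random) -> Connection:
    # Key expansion puts server_random first (RFC 5246 section 6.3).
    # AES-128-GCM needs 2 x 16-byte keys and 2 x 4-byte implicit IVs = 40 bytes.
    kb = prf(session.master_secret, b"key expansion", server_random + client_random, 40)
    return Connection(client_random, server_random, kb[:16], kb[16:32], kb[32:36], kb[36:40])

def demo():
    # Constructed sample values; real handshakes use unpredictable random bytes.
    session = full_handshake(b"\x01" * 32, b"\x11" * 32, b"\xa1" * 32, b"\xb1" * 32)
    first = open_connection(session, b"\xa1" * 32, b"\xb1" * 32)
    resumed = open_connection(session, b"\xa2" * 32, b"\xb2" * 32)   # no new key exchange
    return session, first, resumed

if __name__ == "__main__":
    s, c1, c2 = demo()
    print("conn 1 client key:", c1.client_write_key.hex())
    print("conn 2 client key:", c2.client_write_key.hex())
```

Both connections share one master secret, yet the new randoms give the resumed connection its own traffic keys, so the expensive key exchange is skipped without reusing keys across connections.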

Session State

Connection State

TLS History

TLS 1.3 Key Improvements

Examples of what TLS 1.3 removed: MD5, SHA-1, Kerberos, static RSA/DH, compression, renegotiation