TLS Protocol
TLS (Transport Layer Security) is a cryptographic protocol designed to provide secure communication over a computer network^[600-developer__tools__security__000-MOC-security.md]. It is widely used to encrypt data transmitted between web browsers and servers, ensuring the privacy and integrity of sensitive information^[600-developer__tools__security__000-MOC-security.md].
The protocol combines asymmetric and symmetric encryption. Asymmetric encryption is used during the initial handshake to securely exchange keys and verify the server's identity, typically via digital certificates^[600-developer__tools__security__000-MOC-security.md]. Once the handshake is complete, symmetric encryption is used to encrypt the actual application data, offering better performance for the session^[600-developer__tools__security__000-MOC-security.md].
TLS relies on [[Digital certificates]] and [[Public Key Infrastructure]] (PKI). Certificates authenticate the server to the client, preventing man-in-the-middle attacks^[600-developer__tools__security__000-MOC-security.md]. These certificates are often issued by a [[Certificate Authority]] (CA) or generated via tools like OpenSSL^[600-developer__tools__security__000-MOC-security.md].
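Certificate authentication only protects a connection if the client actually enforces it. The following added example (not part of the source note) uses Python's standard `ssl` module to audit a client context for settings that switch off server authentication; the function names `audit_client_context`, `hardened_client_context` and `weakened_client_context` are hypothetical, and the TLS 1.2 floor is an assumption of this example.

```python
import ssl


def audit_client_context(ctx):
    """Return findings for settings that weaken server authentication."""
    findings = []
    # Without CERT_REQUIRED the certificate chain is never validated against
    # a trusted CA, so any certificate (including an interceptor's) is accepted.
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    # A valid chain is not enough: the certificate must be issued for the
    # host the client intended to reach.
    if not ctx.check_hostname:
        findings.append("hostname is not matched against the certificate")
    # Assumption of this example: TLS 1.2 is the oldest acceptable version.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions older than TLS 1.2 are allowed")
    return findings


def hardened_client_context():
    """Client context that verifies the chain and the hostname."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weakened_client_context():
    """Constructed counter-example: verification disabled, as often seen
    in code written to 'make the certificate error go away'."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # accepts any certificate
    return ctx


if __name__ == "__main__":
    for name, make in (("hardened", hardened_client_context),
                       ("weakened", weakened_client_context)):
        print(name, audit_client_context(make()) or "no findings")
```
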
Related Concepts
- [[Cryptography]]
- [[Digital certificates]]
- OpenSSL
- HTTP Strict Transport Security
Sources
- 600-developer__tools__security__000-MOC-security.md