SSL and TLS are protocols that secure a specific application, for example, HTTP, SMTP, Telnet, and others. SSL Versions 1, 2, and 3 were developed by Netscape in the mid 1990s for their Navigator browser, while TLS is a standard from the IETF (RFC 2246, RFC 4492, RFC 5246, RFC 6176, and others). TLS 1.0 was first introduced in RFC 2246 in January 1999 as an upgrade of the SSL Version 3.0 (third paragraph at http://tools.ietf.org/html/rfc2246).
The TLS handshake protocol involves the following procedures for establishing a TLS connection:
- Exchange hello messages to agree on the algorithms to work with, and exchange random values for the key generation
- Exchange the necessary cryptographic parameters to allow the client and ...