TLS (Transport Layer Security) is a protocol for establishing an encrypted channel between two network hosts. It is intended to provide both confidentiality and authentication, the latter through the use of a system of certificates. SSL (Secure Sockets Layer) was the predecessor to TLS, but the name is still used informally to refer to the TLS and SSL protocols collectively.

The channel provided by TLS has similar functionality to a TCP connection, making it a relatively straightforward matter to build TLS support into existing TCP-based protocols. Examples where this has been done include HTTP, SMTP, POP3, IMAP, FTP and LDAP.
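The following is an added example, not part of the original page, showing why retrofitting is straightforward: the application-protocol code (`http_head`) is identical over plain TCP and over TLS, and only the channel setup differs. The function names and the host `example.org` are placeholders chosen for this illustration.

```python
import socket
import ssl


def make_tls_context() -> ssl.SSLContext:
    """Client context giving both properties: confidentiality and authentication."""
    ctx = ssl.create_default_context()            # loads the system CA store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 / TLS 1.0 / 1.1
    # create_default_context() already sets these two; stated explicitly because
    # disabling either leaves an encrypted but unauthenticated channel.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def open_channel(host: str, port: int, use_tls: bool, timeout: float = 10.0):
    """Return a connected stream: plain TCP, or TLS layered over that TCP socket."""
    sock = socket.create_connection((host, port), timeout=timeout)
    if not use_tls:
        return sock
    try:
        # server_hostname drives SNI and the certificate name check
        return make_tls_context().wrap_socket(sock, server_hostname=host)
    except (ssl.SSLError, OSError):
        sock.close()  # do not leak the TCP socket if the handshake fails
        raise


def http_head(stream, host: str) -> str:
    """Send one HEAD request and return the status line (works on either stream type)."""
    request = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    stream.sendall(request.encode("ascii"))
    data = b""
    while b"\r\n" not in data:
        chunk = stream.recv(4096)
        if not chunk:
            break
        data += chunk
    return data.split(b"\r\n", 1)[0].decode("ascii", "replace")


if __name__ == "__main__":
    # Placeholder host; this part needs network access.
    for port, use_tls in ((80, False), (443, True)):
        with open_channel("example.org", port, use_tls) as s:
            print(port, http_head(s, "example.org"))
```

A handshake failure in `open_channel` (untrusted issuer, expired certificate, name mismatch) raises `ssl.SSLCertVerificationError` before any application data is sent.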

Notable open-source implementations of TLS include OpenSSL and GnuTLS. Each of these includes a library, a set of utility programs for certificate management, and a generic client and server that can be useful for troubleshooting. GnuTLS is licensed in a manner that is GPL-compatible, whereas OpenSSL is not.

