HTTP & Networking
What is TLS?
The cryptographic protocol that encrypts and authenticates network traffic—the security layer under HTTPS, SMTPS, and most modern protocols.
TLS (Transport Layer Security) provides three guarantees: confidentiality (no third party can read the traffic), integrity (no third party can modify it without detection), and authentication (the client knows it's really talking to the named server, via the certificate chain).
A TLS handshake negotiates a cipher suite, exchanges certificates, and derives a session key, all in 1-2 round trips for TLS 1.3. After that, every byte of application data is encrypted with a symmetric cipher (typically AES-GCM or ChaCha20-Poly1305) until the session ends.
TLS 1.3 (2018) was a substantial cleanup over 1.2: fewer round trips, simpler cipher suite choices, mandatory forward secrecy, and the removal of many known-weak primitives. As of 2026 TLS 1.3 is the default in every major browser and server stack.
FAQ
TLS vs SSL?
TLS is the modern name. SSL is the deprecated predecessor, same family, same purpose, but every actual SSL version has been broken and removed.
What's a TLS handshake?
The negotiation at the start of a connection where client and server agree on a protocol version and cipher, exchange certificates, and derive a shared session key.
Why does TLS 1.3 matter?
It's faster (1-RTT handshake, sometimes 0-RTT for resumed sessions), cleaner (forward secrecy is mandatory, weak ciphers are gone), and more private (the certificate is encrypted in the handshake).
Related terms
A deprecated cryptographic protocol that secured network traffic before TLS replaced it. The name persists colloquially.
HTTP encrypted with TLS, the same protocol, but every byte on the wire is authenticated and protected from eavesdroppers.
The application protocol the web is built on, a simple request/response format for asking a server for a resource.