What is Transport Layer Security (TLS)?
Similar to SSL, Transport Layer Security (TLS) is a security protocol that is widely adopted for privacy and data security for online communication.
SSL is used for encrypting communication between web applications and servers. This action is commonly known as website loading. TLS is built for this and beyond.
So what is the primary difference between TLS and SSL? TLS is used in a wider range of data privacy protection such as email and voice over IP (VOIP).
A brief history of TLS and SSL
TLS’s predecessor, SSL was developed by Netscape in 1995. SSL version 1.0 and 2.0 contained many security flaws that required a complete redesign of the security protocol.
In 1996, Netscape once again released another SSL version, SSL 3.0, a more secure protocol compared to the two previous versions. It is also considered the beginning of TLS 1.0 as the protocol was built based on SSL.
In 1999, PCI Council suggested that SSL should depreciate and be replaced by TLS 1.0 as it is a significant upgrade from SSL 3.0.
TLS 1.1 came out 7 years later in 2006 before it’s replaced by TLS 1.2 within 2 years. Later in 2018, TLS 1.3 was finalized and ready.
TLS 1.3 offers significant improvement over its predecessors, and many big tech companies are now pushing for its proliferation. Cloudflare, Microsoft and Google have all announced to deprecate both TLS 1.0 and 1.1, making TLS 1.3 the only support security layer.
How this new TLS update affects you?
On 1st July 2021, Exabytes will deprecate TLS 1.0 and 1.1 in all our shared environments. This includes your websites and email services that are hosted with us. This new protocol will significantly increase the security encryption between server and client, giving you better security.
This deprecation of TLS 1.0 and 1.1 will primarily affect non-browser software, APIs, and other internet infrastructure.
What do you need to do?
Exabytes servers will be updated to TLS 1.2. This change will affect clients that are using an email client such as Microsoft Outlook 2003 to send email through our servers with the latest TLS. The email sending function will not be able to work. One of the workarounds is to update your email client to a newer version, for example, Microsoft Outlook 2019 or Microsoft 365.
SSL Cert is different from protocols
It’s important to note that certificates are not dependent on protocols. SSL and TLS are protocols. They need a certificate installed on the server for the protocols to work.
Due to the change of naming on the protocols, some may refer to the cert as SSL/TLS Certificate. However, there is no need to change from SSL Certificate to TLS Certificate for your encryption to work. This is because the protocols are determined by your server configuration, not the certificates.
A TLS certificate is issued by a certificate authority to the person or business that owns a domain. The certificate contains important information about who owns the domain, along with the server’s public key, both of which are important for validating the server’s identity.
For now, you are likely to still see certificates referred to as SSL Certificates instead of TLS Certificates as it is a term more people are familiar with.
TLS vs SSL
There are three main components TLS protocol accomplishes: Encryption, Authentication, and Integrity.
Encryption is hiding the data being transferred from third parties to someone else. Authentication ensures that the parties exchanging information are who they claim to be. Integrity is verifying that the data has not been forged or tampered with before reaching the intended recipient.
TLS is more efficient when it comes to handling of protocols. It also has a stronger message authentication to prevent message forgery, especially against unauthorised people who try to change the original message. Although TLS and SSL are not interoperable, TLS does offer backward compatibility for older devices that are still using SSL.
In a nutshell, there is not much difference between SSL and TLS. Many will still continue to use the term SSL and TLS interchangeably. However, in terms of server configuration, there are some major architectural and functional differences, overall secure server, protocol vulnerabilities and outdated cipher.
If you are unsure about how depreciating TLS 1.0 & 1.2 might affect you, feel free to talk to our technical support or sales team for help.