The Secure Sockets Layer (SSL) protocol was first introduced by Netscape in 1994. The Internet was growing and there was a need for transport security for web browsers and for various TCP protocols. Version 1.0 of SSL was never released because it had serious security flaws. The first official release of SSL, version 2.0, was out in 1995. The final version of the SSL protocol, SSL 3.0, was released in November 1996.
In 2011, the Internet Engineering Task Force (IETF) announced that SSL version 2.0 is deprecated. IETF recommended SSL v2 to be completely abandoned because according to a document that they released (RFC 6176) the protocol has several major deficiencies. These included using MD5 for message authentication, lack of protection for handshakes, using the same key for message integrity and encryption, and easy session termination. In June 2015, IETF also announced that SSL 3.0 is deprecated. As stated in a document released by IETF (RFC 7568), any TLS version is more secure than all versions of SSL. SSL also cannot use features of the TLS protocol such as Authenticated Encryption with Additional Data (AEAD), Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA), stateless session tickets, a datagram mode of operation (DTLS) and application-layer protocol negotiation.
TLS to the Rescue
The Transport Layer Security (TLS) protocol was first introduced in 1999 as an upgrade to SSL v3. The TLS 1.0 RFC document (RFC 2246) document states that the differences between TLS 1.0 and SSL 3.0 are not dramatic, but they are significant enough to preclude interoperability. TLS 1.1 (RFC 4346) was a minor update to TLS 1.0 released in April 2006. Some of the differences in this version included protections against Cipher Block Chaining (CBC) attacks. TLS 1.2 (RFC 5246) was released in August 2008. Changes included adding cipher-suite-specified pseudorandom functions (PRFs), adding AES cipher suites, removing IDEA and DES cipher suites, and several other enhancements.
The current version of TLS, TLS 1.3, was released in August 2018 (RFC 8446). It took IETF 10 years and 28 drafts to complete. This time, the protocol underwent some major changes with the focus on simplicity. Several unsafe technologies were removed, including SHA-1, MD5, RC4, DES, and 3DES. The protocol was streamlined for better performance: the handshake now requires only one round-trip (in some cases even zero). Other changes include encryption of SNI information for better privacy and a new signature standard (RSA-PSS). All modern browsers support TLS v1.3.
Get the latest content on web security
in your inbox each week.