When it comes to encrypted connections for websites, the term SSL is most commonly used. However, modern browsers actually work with TLS rather than SSL. These two terms are so closely related that even specialists tend to use them interchangeably out of habit. In reality, SSL has long been considered outdated and insecure technology.
History of SSL
The SSL protocol, which stands for Secure Sockets Layer, was developed by Netscape in 1995. The first widely used version was SSL 2.0, which had many security vulnerabilities. Then in 1996, SSL 3.0 was released and was significantly more advanced. But as the internet and cryptography evolved, more weaknesses of SSL became apparent. The famous POODLE attack in 2014 caused SSL 3.0 to be completely abandoned.
When and why TLS appeared
The TLS protocol, meaning Transport Layer Security, was introduced in 1999 as the successor to SSL. Essentially, TLS 1.0 was an improved version of SSL 3.0 and was adopted by the IETF organization in accordance with the RFC 2246 standard. The reason for the name change was that the protocol was no longer a Netscape proprietary technology but became an open international standard. TLS 1.1 appeared in 2006 and TLS 1.2 in 2008, remaining the main standard for a long time.
TLS 1.3 and modern requirements
Released in 2018, TLS 1.3 is considered the most modern and secure version today. It completely abandoned outdated and weak algorithms, leaving only reliable cryptographic methods. In addition, the handshake process was accelerated, which significantly reduced page loading times. The PCI DSS standard now prohibits the use of versions lower than TLS 1.2, and most modern browsers have stopped supporting TLS 1.0 and 1.1.
Why people still say SSL
From a technical point of view, almost all certificates are intended for TLS, but due to historical habit they continue to be called SSL certificates. Products on the market are also presented under this same name because the term is more familiar to users. For website owners this is not particularly important, the main thing is that the server using the certificate supports modern TLS versions.
Sayt.uz practice
All certificates in our service work exclusively with TLS 1.2 and higher. According to statistics, during 2035 more than 4200 certificates were issued through Sayt.uz, 78 percent of which support TLS 1.3. The free DV certificate costs 0 sum, OV certificate starts from 540 thousand sum per year, and EV options from 2 million 100 thousand sum. The system automatically checks each certificate and warns about outdated protocols.