I've heard people beginning to debate the usefulness of SSL. Why do some people think that it is no longer useful,...
and what's in store for the future of SSL?
I haven't heard these debates in security circles, and I seriously doubt that Secure Sockets Layer (SSL) is going to fade away anytime soon. Only a serious flaw or other watershed event could prevent its use. SSL is simply far too entrenched in Web browsers, SSH tools, VPNs and other technologies. It provides practical, easy-to-use encryption that's widely available in almost every security solution on the market today.
In fact, if we see any change in the near future, I think it will be an upsurge in SSL utilization. As more applications handle sensitive data, we're likely to see additional applications move to SSL-based technology. For example, SSL VPNs are becoming more popular than their IPsec-based cousins.
As you may be aware, there's another competitor of sorts on the scene. Transport Layer Security (TLS) is an open alternative to the Netscape-developed SSL, but it's really not gaining significant market share. TLS and SSL are substantially similar, and TLS is even capable of reverting to SSL communication when necessary. I suspect we'll continue to see TLS available in commercial products (especially those from Netscape!), but it's not likely to surpass SSL anytime soon.
Dig Deeper on SSL and TLS VPN Security
Related Q&A from Mike Chapple
New guidance from the PCI SSC includes some essential aspects of tokenization security and what merchants need to know about tokenization products.continue reading
HIPAA data breach reporting now uses an electronic Web portal, so what does this mean for covered entities? Expert Mike Chapple explains.continue reading
Complex compliance mandates can lead to compliance fatigue. Expert Mike Chapple explains how to develop an effective compliance management plan.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.