SSL uses a combination of public-key and symmetric-key encryption to secure a connection between two machines, typically a Web or mail server and a client machine, communicating over the Internet or an internal network.
Using the OSI reference model as context, SSL runs above the TCP/IP protocol, which is responsible for the transport and routing of data over a network, and below higher-level protocols such as HTTP and IMAP, encrypting the data of network connections in the application layer of the Internet Protocol suite. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network, or between program layers in the same computer.
The Transport Layer Security (TLS) protocol evolved from SSL and has largely superseded it, although the terms SSL or SSL/TLS are still commonly used; SSL is often used to refer to what is actually TLS. The combination of SSL/TLS is the most widely deployed security protocol used today and is found in applications such as Web browsers, email and basically any situation where data needs to be securely exchanged over a network, like file transfers, VPN connections, instant messaging and voice over IP.
How it works
The SSL protocol includes two sub-protocols: the record protocol and the "handshake" protocol. These protocols allow a client to authenticate a server and establish an encrypted SSL connection. In what's referred to as the "initial handshake process," a server that supports SSL presents its digital certificate to the client to authenticate the server's identity. Server certificates follow the X.509 certificate format that is defined by the Public-Key Cryptography Standards (PKCS). The authentication process uses public-key encryption to validate the digital certificate and confirm that a server is in fact the server it claims to be.
Once the server has been authenticated, the client and server establish cipher settings and a shared key to encrypt the information they exchange during the remainder of the session. This provides data confidentiality and integrity. This whole process is invisible to the user. For example, if a webpage requires an SSL connection, the URL will change from HTTP to HTTPS and a padlock icon appears in the browser once the server has been authenticated.
The handshake also allows the client to authenticate itself to the server. In this case, after server authentication is successfully completed, the client must present its certificate to the server to authenticate the client's identity before the encrypted SSL session can be established.
The history of SSL
The SSL protocol was developed by Netscape Communications in the 1990s. The company wanted to encrypt data in transit between its flagship Netscape Navigator browser and Web servers on the Internet to ensure that sensitive data, such as credit card numbers, were protected. Version 1.0 was never publicly released and version 2.0, released in February 1995, contained a number of security flaws. Version 3.0 involved a complete redesign and was released in 1996. Even though it was never formally standardized -- the 1996 draft of SSL 3.0 was published by IETF as a historical document in RFC 6101 -- it became the de facto standard for providing communication security over the Internet.
After the IETF officially took over the SSL protocol to standardize it via an open process, version 3.1 of SSL was released as Transport Layer Security 1.0 and introduced security improvements to mitigate weaknesses that had been found in earlier versions. (The name was changed to avoid any legal issues with Netscape.) Many attacks against SSL have focused on implementation issues, but the POODLE vulnerability is a known flaw in the SSL 3.0 protocol itself, exploiting the way in which it ignores padding bytes when running in cipher block chaining (CBC) mode. This flaw could allow an attacker to decrypt sensitive information such as authentication cookies. TLS 1.0 is not vulnerable to this attack because it specifies that all padding bytes must have the same value and be verified.
Other key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites with TLS supporting newer and more secure algorithms. TLS and SSL are not interoperable, though TLS provides backwards compatibility in order to work with legacy systems. TLS 1.2 is the latest version.