SSL has been called TLS since the version after SSL 3.0 (SSL 1.0 -> SSL 2.0 -> SSL 3.0 -> TLS 1.0 -> TLS 1.1 -> TLS 1.2 -> TLS 1.3). TLS 1.0 is sometimes called SSL 3.1.
TLS 1.3 is specified in RFC 8446. Version 1.2 is specified in RFC 5246.
TLS 1.3 is not directly compatible with previous versions of TLS. However, clients and servers can negotiate a common version with which they want to communicate.
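The version negotiation described above, as an added example that is not part of the original notes: it follows the supported_versions rules of RFC 8446 (section 4.2.1) and the older "highest version" rule of TLS 1.2 and earlier. The function names, the constructed ClientHello values and the server policy of picking the highest common version are assumptions.

```python
import struct

# Wire encoding of each protocol version; TLS 1.0 is 3.1 on the wire ("SSL 3.1").
NAMES = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
         0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def parse_supported_versions(body: bytes) -> list:
    """Decode the ClientHello form of the extension: 1-byte length, then 2-byte versions."""
    if not body or body[0] != len(body) - 1 or body[0] % 2 or body[0] < 2:
        raise ValueError("malformed supported_versions")
    return [v for (v,) in struct.iter_unpack("!H", body[1:])]

def negotiate(legacy_version, ext_body, server_versions):
    """Return the version the server selects, or None if there is no common version."""
    if ext_body is not None:
        # TLS 1.3 style: only the extension counts, legacy_version is ignored
        # and values the server does not know are skipped.
        offered = [v for v in parse_supported_versions(ext_body) if v in NAMES]
    else:
        # Pre-1.3 style: the client states its highest version. Without the
        # extension the server negotiates TLS 1.2 or lower, whatever is claimed.
        top = min(legacy_version, 0x0303)
        offered = [v for v in NAMES if v <= top]
    common = set(offered) & set(server_versions)
    return max(common) if common else None  # assumption: prefer highest common

if __name__ == "__main__":
    # Constructed sample: length 6, one unknown value (0x7a7a), TLS 1.3, TLS 1.2.
    modern_ext = bytes.fromhex("067a7a03040303")
    hardened = {0x0303, 0x0304}            # server allowing TLS 1.2 and 1.3 only
    older = {0x0301, 0x0302, 0x0303}       # server without TLS 1.3
    cases = [("modern client, hardened server", 0x0303, modern_ext, hardened),
             ("modern client, older server", 0x0303, modern_ext, older),
             ("TLS 1.0-only client, hardened server", 0x0301, None, hardened)]
    for label, legacy, ext, server in cases:
        picked = negotiate(legacy, ext, server)
        print(label, "->", NAMES.get(picked, "no common version, handshake fails"))
```

The third case is what a server that has disabled TLS 1.0 and 1.1 produces for a legacy client: no common version, so the connection is refused instead of falling back.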
Goal/purpose of TLS
TLS allows two parties («endpoints») to create a secure channel in which data can be exchanged between them.
TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.
The endpoint that initiates the connection is the client, the other one the server.
ClientKeyExchange message with session key that is encrypted with the server's public key
ChangeCipherSpec message to start using session key for hashing and encrypting messages
ClientFinished message
ServerFinished message
Key exchange modes
There are three basic key exchange modes in TLS:
(EC)DHE (Diffie-Hellman over either finite fields or elliptic curves)
PSK-only
PSK with (EC)DHE
PSK = Pre-Shared Key
Relationship to SSH
Note to self: don't confuse SSL with SSH. Both allow creating a tunnel to exchange data in encrypted form with checked integrity.
But SSL uses X.509 certificates while SSH uses its own format.
SSL certificate
Three types of certificates:
Domain validated (aka low assurance certificate)
Organization validated (aka high assurance certificate)
Extended validation (EV)
An SSL certificate is basically a text file with a digital signature: an authority signs the certificate with the authority's private key.
The SSL certificate contains
A domain, server or hostname
A name and a location
The certificate comes with a public/private key pair. This pair is used in the handshake phase: the client encrypts a symmetric key with the certificate's public key.
An SSL certificate is trusted because it is either in a list of implicitly trusted certificates or it is trusted by one of the controllers of that list.