What is SSL, TLS and HTTPS?
Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Hypertext Transfer Protocol Secure (HTTPS) are protocols used to secure communication between the server and client, popular services such as Websites, Email and VoIP all use SSL/TLS to provide privacy and data integrity.
What is the difference?
You can think of SSL and TLS as the same thing to make it simple, TLS is the new standard of technology for the protocol but SSL/TLS are often used interchangeably to describe data encryption.
HTTPS is the non secure HTTP protocol used with the TLS protocol to encrypt the data sent from host to client.
TLS/SSL uses a combination of symmetric and asymmetric cryptography, this is needed to balance both performance and security when transmitting data.
Cryptography is a method of using advanced mathematical principles to encrypt and decrypt data, it is used to create secret keys for secure data transmission.
Symmetric cryptography method needs both the sender and recipient to have the same secret key, which is used for encryption and decryption of the data.
Asymmetric cryptography is a method of using two secret keys to encrypt data know as a Public key and Private key, data encrypted using the public key can only be decrypted with a private key and data encrypted by the private key can only be decrypted by the public key.
Why use SSL/TLS
All modern websites and applications today should use SSL/TLS to protect their data and users.
Websites which do not use HTTPS are often penalised in search results by Google and Bing and marked as insecure websites in browsers.
Users of your application or website will have more trust in your service and are often looking for security indicators on your site.