Transport Layer Security- Internet Protocol Guide
What TLS Actually Is (And What It's Not)
Transport Layer Security is a cryptographic protocol designed to secure communications over computer networks. People confuse it with SSL (Secure Sockets Layer), its predecessor. TLS is what you're actually using when you see that padlock icon in your browser. SSL is dead — stop mentioning it like it's still relevant.
The protocol sits between the application layer (HTTP, SMTP, FTP) and the transport layer (TCP) in the OSI model. It doesn't replace TCP. It wraps around it and adds encryption, authentication, and integrity checking.
Your IP packets still get routed the same way. TLS just makes sure nobody between point A and point B can read or tamper with the data inside them.
How TLS Works With Internet Protocol
Here's the part most articles complicate unnecessarily. TLS over IP follows a simple sequence:
- Client initiates a TCP connection to the server on port 443 (for HTTPS)
- TCP handshake completes first — this is pure IP/TCP work
- TLS handshake begins over the established TCP connection
- Ciphers are negotiated, keys are exchanged, encryption begins
- Application data flows encrypted through the same TCP socket
The IP layer doesn't know TLS exists. It routes packets based on headers, not content. TLS encrypts the payload of your packets, not the routing information. Your destination IP is still visible. What gets hidden is the actual data you're sending — usernames, passwords, API keys, everything.
The TLS Handshake: What's Actually Happening
When your browser connects to a secure site, here's the real sequence:
- Client sends a ClientHello message listing supported TLS versions and cipher suites
- Server responds with its Certificate and a ServerHello picking the TLS version and cipher
- Client verifies the server's certificate against trusted Certificate Authorities
- Client generates a pre-master secret or uses ephemeral key exchange (ECDHE)
- Both sides derive the session keys from this secret
- Both send ChangeCipherSpec messages signaling encrypted communication
- Encrypted data exchange begins
Modern TLS 1.3 trimmed this down significantly. The handshake now completes in one round trip instead of two, and cipher suites are simplified.
TLS Versions: What You Should Be Using
Three versions matter in practice:
| Version | Status | Handshake | Recommended |
|---|---|---|---|
| TLS 1.0 | Deprecated | 2 RTT | No |
| TLS 1.1 | Deprecated | 2 RTT | No |
| TLS 1.2 | Widely supported | 2 RTT (1 RTT with RSA) | Minimum if 1.3 unavailable |
| TLS 1.3 | Current standard | 1 RTT | Yes — always |
PCI DSS requirements killed TLS 1.0 and 1.1 for payment processing. Most modern browsers have dropped support for anything below 1.2. If you're running TLS 1.0 anywhere, you're overdue for an upgrade.
Why TLS 1.3 Actually Matters
TLS 1.3 removed support for weak cipher suites that could be exploited. RSA key exchange is gone — it didn't provide forward secrecy. Now only ephemeral key exchanges (ECDHE) are allowed, which means compromised keys can't decrypt past sessions.
The protocol also removed renegotiation, which had security issues. And it standardized 0-RTT resumption, allowing clients to send encrypted data immediately on reconnect — useful for high-latency connections.
Cipher Suites: What You're Actually Encrypting With
A cipher suite is a specific combination of algorithms:
- Key exchange algorithm — how client and server agree on keys (RSA, ECDHE, DHE)
- Authentication algorithm — how the server proves its identity (RSA, ECDSA)
- Bulk encryption algorithm — how data gets encrypted (AES-128-GCM, AES-256-GCM, ChaCha20)
- MAC algorithm — how data integrity gets verified (AEAD replaces HMAC in modern TLS)
Here's a TLS 1.2 example: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Here's a TLS 1.3 example: TLS_AES_128_GCM_SHA256
Notice the TLS 1.3 version is shorter. That's because 1.3 locked down the key exchange and authentication — you only specify the bulk cipher now. Simpler means fewer misconfigurations.
What Cipher Suites Should You Actually Support?
For TLS 1.3, you only need a few:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
For TLS 1.2 fallback (and you will need it for older clients), keep these ECDHE suites:
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-GCM-SHA384
Drop RSA key exchange entirely. Drop 3DES. Drop anything with RC4 or MD5. Those are attack vectors, not features.
TLS Certificates: The Authentication Layer
TLS uses X.509 certificates to prove server identity. When you connect to example.com, your browser checks that the certificate presented:
- Is signed by a trusted Certificate Authority (CA)
- Hasn't expired
- Has a Common Name (CN) or Subject Alternative Name (SAN) matching the domain you accessed
Certificate types you'll encounter:
- DV (Domain Validation) — Proves you control the domain. Fast to issue, cheap or free (Let's Encrypt). Suitable for most use cases.
- OV (Organization Validation) — CA verifies the organization exists. Shows company name in certificate details.
- EV (Extended Validation) — Full background check on the organization. Green address bar in older browsers. Not worth the cost for most sites.
Wildcard certificates cover subdomains (*.example.com). They simplify certificate management but create security risks — if one private key is compromised, all subdomains are compromised.
Certificate Chains: Why Your Server Might Fail
Your server certificate is signed by an intermediate CA, not a root CA directly. Browsers trust root CAs and follow the chain down. If your server doesn't send the intermediate certificates, browsers can't complete the chain and you'll see SSL errors.
Most web servers concatenate the server certificate with intermediate certificates into a single file. Check your chain with:
openssl s_client -connect example.com:443 -showcerts
TLS and IP: Performance Realities
TLS adds latency. Here's why people care about TLS 1.3's 1-RTT handshake:
- TCP handshake: ~30-50ms on broadband, ~200-300ms on mobile
- TLS 1.2 handshake: +50-100ms (second round trip)
- TLS 1.3 handshake: +25-50ms (merged with TCP in QUIC, or just 1 RTT)
Session resumption cuts this further. TLS session tickets let clients reconnect without a full handshake. TLS 1.3's 0-RTT mode sends encrypted data immediately, though this has replay attack risks for sensitive operations.
CPU overhead exists but is negligible on modern hardware. AES-NI instructions handle encryption in hardware. A busy server won't notice TLS load unless you're doing thousands of handshakes per second — then use session tickets to reduce the overhead.
Common TLS Misconfigurations to Fix
Most SSL Labs scan failures come from a handful of issues:
- Supporting outdated TLS versions — Disable TLS 1.0 and 1.1 in your server config
- Weak cipher suites enabled — Remove RC4, 3DES, export ciphers
- Missing certificate chain — Include intermediate certificates
- Self-signed certificates in production — Get a real cert or use Let's Encrypt
- Outdated OpenSSL — Update to patch vulnerabilities like Heartbleed, POODLE
Getting Started: Configuring TLS on Your Server
Here's how to get a solid TLS configuration running. These are example configurations — adapt them to your server software.
Nginx
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256';
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
Apache
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
SSLHonorCipherOrder off
Testing Your Configuration
Run your site through SSL Labs SSL Test at ssllabs.com. Aim for an A rating or higher. The test checks certificate chain, protocol support, cipher strength, and known vulnerabilities.
For quick command-line checks:
openssl s_client -connect example.com:443 -tls1_3
If it connects, TLS 1.3 works. If it fails with a protocol error, you have a configuration problem to fix.
TLS 1.3 and QUIC: Where Things Are Going
QUIC is a transport protocol built on UDP that integrates TLS 1.3 directly. HTTP/3 uses QUIC by default. The handshake completes in 0-RTT because QUIC combines connection establishment and encryption — no separate TLS layer sitting on top of TCP.
This means HTTP/3 connections are faster on high-latency networks. Packet loss doesn't block the stream the way TCP head-of-line blocking does in HTTP/2. Major CDNs (Cloudflare, Fastly, Akamai) already support HTTP/3.
TLS isn't going anywhere. It's being embedded deeper into protocols rather than sitting above transport layers. The security properties remain the same — encryption, authentication, integrity — just with less overhead.
What You Should Actually Do
If you're running a web server today:
- Enable TLS 1.3 and TLS 1.2 only
- Use modern cipher suites (ECDHE with AES-GCM or ChaCha20)
- Get a certificate from Let's Encrypt (it's free)
- Redirect all HTTP traffic to HTTPS
- Test with SSL Labs and fix any issues
- Enable HSTS to force HTTPS connections
If you're building an application that uses TLS:
- Use a modern TLS library (OpenSSL, BoringSSL, mbed TLS, or your language's native SSL/TLS support)
- Don't implement TLS yourself — use the library
- Keep the library updated
- Verify certificates properly — don't disable validation for "testing"
TLS isn't complicated. The basics take an afternoon to understand. The configuration takes an hour to get right. The rest is keeping things updated as vulnerabilities get discovered — because they will be.