U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Resource Center

Computer Security Resource Center

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Transport Layer Security (TLS)

Abbreviation(s) and Synonym(s):

TLS

Definition(s):

  Provides privacy and data integrity between two communicating applications. It is designed to encapsulate other protocols, such as HTTP. TLS v1.0 was released in 1999, providing slight modifications to SSL 3.0.
Source(s):
NIST SP 800-95 from IETF RFC 2246

  A security protocol providing privacy and data integrity between two communicating applications. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol.
Source(s):
NIST SP 1800-21B from CNSSI 4009-2015
CNSSI 4009-2015 [Superseded] under transport layer security (TLS) protocol from IETF RFC 5246 - Adapted

  Provides privacy and reliability between two communicating applications. It is designed to encapsulate other protocols, such as HTTP. SSL v3.0 was released in 1996. It has been succeeded by IETF's TLS.
Source(s):
NIST SP 800-95 under Secure Sockets Layer (SSL) from SSL 3.0 specification

  See Transport Layer Security (TLS).
Source(s):
NIST SP 800-63-3 under Secure Sockets Layer (SSL)

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by RFC 5246. TLS is similar to the older SSL protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations, specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-3

  An authentication and security protocol that is widely implemented in browsers and web servers. TLS is defined by RFC 5246 and RFC 8446. TLS is similar to the older Secure Sockets Layer (SSL) protocol, and TLS 1.0 is effectively SSL version 3.1. [NIST SP 800-52] specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Transport Layer Security (TLS) protocol

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by RFC 5246. TLS is similar to the older SSL protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations [NIST SP 800-52], specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-3

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by RFC 5246 and RFC 8446.
Source(s):
NIST SP 1800-16B
NIST SP 1800-16C
NIST SP 1800-16D

  An authentication and encryption protocol widely implemented in browsers and Web servers. HTTP traffic transmitted using TLS is known as HTTPS.
Source(s):
NISTIR 7711 under Transport Layer Security

  An authentication and security protocol widely implemented in browsers and web servers. SSL has been superseded by the newer Transport Layer Security (TLS) protocol; TLS 1.0 is effectively SSL version 3.1.
Source(s):
NIST SP 800-63-2 [Superseded] under Secure Sockets Layer (SSL)

  An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by [RFC 2246], [RFC 3546], and [RFC 5246]. TLS is similar to the older Secure Sockets Layer (SSL) protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations specifies how TLS is to be used in government applications.
Source(s):
NIST SP 800-63-2 [Superseded]