Transport Layer Security (TLS) is a cryptographic protocol that protects data when it is transferred between devices over a network. It is commonly used to secure web-based applications over the internet.
Given the explosion in cloud services, mobile computing and IoT devices, the underlying technology to secure data in transit has become critically important.
At its core, TLS is made up of two protocols – the handshake protocol and the record protocol.
The handshake protocol is responsible for establishing secure communications between the client and server. The handshake steps are as follows:
- The client sends a ClientHello containing supported cipher suites, extensions (e.g., Server Name Indication) and its public key.
- The server responds with a ServerHello, choosing parameters and sending its own public key and certificate (if configured).
- Both parties then compute a shared session key (depending on the key exchange algorithm used) and finalise the handshake by verifying key authenticity.
- After the handshake is successfully completed, all communication is encrypted.
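
To see what the first handshake step actually puts on the wire, the following added example (not part of the original article) uses Python's standard `ssl` module to start a handshake against in-memory buffers, so no network traffic is sent, and then parses the resulting ClientHello. The hostname `example.test` and the function names are assumptions made for illustration; in TLS 1.3 the client's "public key" travels in the `key_share` extension.

```python
import ssl

def u16(buf, pos):
    return int.from_bytes(buf[pos:pos + 2], "big")

def capture_client_hello(hostname):
    """Begin a handshake over in-memory BIOs and return the client's first flight."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # compatibility floor
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for a ServerHello
    return outgoing.read()

def parse_client_hello(rec):
    """Extract cipher suites, SNI, offered versions and key-share groups."""
    if rec[0] != 0x16 or rec[5] != 0x01:
        raise ValueError("not a handshake record carrying a ClientHello")
    pos = 5 + 4 + 2 + 32            # record hdr, handshake hdr, legacy_version, random
    pos += 1 + rec[pos]             # legacy_session_id
    n = u16(rec, pos)
    suites = [u16(rec, pos + 2 + i) for i in range(0, n, 2)]
    pos += 2 + n
    pos += 1 + rec[pos]             # compression methods
    end = pos + 2 + u16(rec, pos)   # end of the extensions block
    pos += 2
    info = {"cipher_suites": suites, "sni": None, "versions": [], "key_share_groups": []}
    while pos + 4 <= end:
        ext_type, ext_len = u16(rec, pos), u16(rec, pos + 2)
        body = rec[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == 0:           # server_name: list len(2), type(1), name len(2), name
            info["sni"] = body[5:5 + u16(body, 3)].decode("ascii")
        elif ext_type == 43:        # supported_versions: len(1), then 2-byte versions
            info["versions"] = [u16(body, 1 + i) for i in range(0, body[0], 2)]
        elif ext_type == 51:        # key_share: len(2), then (group, key len, key) entries
            p = 2
            while p + 4 <= len(body):
                info["key_share_groups"].append(u16(body, p))
                p += 4 + u16(body, p + 2)
    return info

if __name__ == "__main__":
    print(parse_client_hello(capture_client_hello("example.test")))
```

The hostname appears in cleartext in the `sni` field, which is worth remembering when reasoning about what a network observer can see before encryption starts.
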
The record protocol is responsible for securing and transmitting application data after the handshake is completed. Its key features include encryption and integrity protection, using explicit encryption algorithms to ensure confidentiality and integrity, as well as features that improve overall session efficiency (e.g., by enabling fewer round-trips to reduce latency).
The most recent version of TLS is v1.3, but care should be taken to ensure that compatibility is considered as much as security – there is no point in deploying the latest version of TLS with specific certificates and key exchange algorithms if your clients cannot connect to your services.
In summary, whilst TLS should be considered the default encryption protocol for securing web traffic, configuring an appropriate security profile and understanding its use cases and limitations is where the real value is.
