First of all, what you hear described as SSL these days is actually TLS:
TLS is the up-to-date encryption protocol that is still being implemented online, even though many people still refer to it as ‘SSL encryption’. This can be a source of confusion for consumers shopping for security solutions. The truth is that any vendor offering ‘SSL’ these days is almost certainly providing TLS protection, which has been an industry standard for nearly twenty years. But since many folks are still searching for ‘SSL protection’, the term is still featured prominently on many product pages.
SSL has not been updated since SSL 3.0 in 1996 and is now considered to be deprecated. There are several known vulnerabilities in the SSL protocol and security experts recommend discontinuing its use. In fact, most modern web browsers no longer support SSL at all.
So the definition of SSL is:
SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today.
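Next, you need to understand symmetric encryption and asymmetric encryption, and why asymmetric encryption is needed:
An MIT course on SSL:
This video covers many details of how TLS developed:
It turns out that TLS 1.2 is symmetric encryption while TLS 1.3 is asymmetric encryption, so only from TLS 1.3 onward is data transmission on the Internet truly secure, and TLS 1.3 is even more efficient in transmission than TLS 1.2!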