TLS is an encryption protocol that runs on top of TCP and sometimes UDP as well. Because it sits on top of the transport layer, protocols higher in the chain, such as HTTP, can remain unchanged.
The protocol hides the actual data being sent across the wire. Attackers can only see which port, domain, and IP address are involved in the connection. They can also track how much data is being transferred.
Once the TCP connection is established, the client (a browser or another user agent application) starts the TLS handshake. The client opens the TLS conversation by asking a series of questions:
- Which version of SSL/TLS is it running?
- What cipher suites does it want to use?
- What compression methods does it want to use?
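
The three questions above travel in the client's first handshake message, the ClientHello, which is sent before any encryption is in place. The following is an added example, not code from the original article: it parses those three fields out of a constructed sample record, and `build_sample_hello` and `parse_client_hello` are names chosen here for illustration.

```python
# Added example: decode the cleartext ClientHello fields a client offers.
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}

def build_sample_hello(suites=(0xC02F, 0xC030, 0x009C), compression=(0,)):
    """Constructed sample record, not captured traffic."""
    body = (0x0303).to_bytes(2, "big")            # client_version: TLS 1.2
    body += bytes(32)                             # random (zeroed in this sample)
    body += b"\x00"                               # empty session_id
    body += (2 * len(suites)).to_bytes(2, "big")  # cipher suite list length
    body += b"".join(s.to_bytes(2, "big") for s in suites)
    body += bytes([len(compression)]) + bytes(compression)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body        # handshake type 1
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs  # record type 22

def parse_client_hello(record):
    """Return the version, cipher suites and compression methods offered."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + int.from_bytes(record[3:5], "big")]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 0

    def take(n):
        # Bounds-checked read: length fields come from the peer and are untrusted.
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("length field runs past end of message")
        chunk, pos = body[pos:pos + n], pos + n
        return chunk

    version = int.from_bytes(take(2), "big")
    take(32)                                      # random
    take(take(1)[0])                              # session_id
    raw = take(int.from_bytes(take(2), "big"))    # cipher suite list
    if len(raw) % 2:
        raise ValueError("odd cipher suite list length")
    return {
        "version": VERSIONS.get(version, hex(version)),
        "cipher_suites": [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw), 2)],
        "compression_methods": list(take(take(1)[0])),
    }

if __name__ == "__main__":
    print(parse_client_hello(build_sample_hello()))
```

In TLS 1.3 this version field stays at the TLS 1.2 value and the versions on offer move to the `supported_versions` extension, which this parser does not read.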
The client chooses the highest level of the TLS protocol supported by both the client and server. The compression...