If any one of the above steps fails, then the TLS handshake fails and the connection is not created.
Developers of web browsers have also revised their products to defend against potential security weaknesses after these were discovered (see TLS/SSL support history of web browsers).
The TLS protocol comprises two layers: the TLS record and the TLS handshake protocols.
TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999 and updated in RFC 5246 (August 2008) and RFC 6176 (March 2011).
It builds on the earlier SSL specifications (1994, 1995, 1996) developed by Netscape Communications.
Client-server applications use the TLS protocol to communicate across a network in a way designed to prevent eavesdropping and tampering.
As of January 2018 A digital certificate certifies the ownership of a public key by the named subject of the certificate, and indicates certain expected usages of that key.
This allows others (relying parties) to rely upon signatures or on assertions made by the private key that corresponds to the certified public key.
As a consequence of choosing X.509 certificates, certificate authorities and a public key infrastructure are necessary to verify the relation between a certificate and its owner, as well as to generate, sign, and administer the validity of certificates.
While this can be more convenient than verifying the identities via a web of trust, the 2013 mass surveillance disclosures made it more widely known that certificate authorities are a weak point from a security standpoint, allowing man-in-the-middle attacks (MITM).
As a result, secure configuration of TLS involves many configurable parameters, and not all choices provide all of the privacy-related properties described in the list above (see the § Key exchange (authentication), § Cipher security, and § Data integrity tables).
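As an added example (not part of the original text), the following Python code audits three client-side parameters of the standard `ssl` module: certificate verification, host name checking and the protocol version floor. It contrasts a weak context with a hardened one. The function names and the TLS 1.2 floor are assumptions made for this example.

```python
import ssl

# Policy floor chosen for this example (an assumption, not a value from the text).
MIN_ACCEPTABLE = ssl.TLSVersion.TLSv1_2


def weak_client_context() -> ssl.SSLContext:
    """Client settings that still complete handshakes but drop authentication."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be cleared before CERT_NONE is accepted
    ctx.verify_mode = ssl.CERT_NONE  # the certificate chain is never validated
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # oldest version the library offers
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Client settings that require a valid chain, a matching name and TLS 1.2+."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = MIN_ACCEPTABLE
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """Return the names of parameters that weaken the connection's guarantees."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        # Without chain validation the peer's public key is not tied to an owner.
        findings.append("verify_mode")
    if not ctx.check_hostname:
        # A valid certificate issued for any other name would be accepted.
        findings.append("check_hostname")
    floor = ctx.minimum_version
    if floor != ssl.TLSVersion.MAXIMUM_SUPPORTED and floor < MIN_ACCEPTABLE:
        # The peer can negotiate a protocol version below the policy floor.
        findings.append("minimum_version")
    return findings


if __name__ == "__main__":
    for name, ctx in (("weak", weak_client_context()),
                      ("hardened", hardened_client_context())):
        print(name, audit_client_context(ctx) or "no findings")
```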
Attempts have been made to subvert aspects of the communications security that TLS seeks to provide, and the protocol has been revised several times to address these security threats (see § Security).
Websites are able to use TLS to secure all communications between their servers and web browsers.