18.1. Introduction

TLS provides transport layer security for Internet applications. It provides for confidentiality and data integrity over a connection between two end points. TLS operates on a reliable transport, such as TCP, and is itself layered into the TLS Record Protocol and the TLS Handshake Protocol.

One advantage of TLS is that applications can use it transparently to communicate securely with each other. Another is that TLS is visible to applications, making them aware of the cipher suites and authentication certificates negotiated during the setup phase of a TLS session; with Internet Protocol Security (IPsec), by contrast, security policies are usually not visible to each application individually, which makes it difficult to assess whether adequate security is in place.

TLS allows for a variety of cipher suites to be negotiated, for the use of compression and for a TLS session to span multiple connections. This reduces the overhead of having to perform an expensive TLS handshake for each new parallel connection between applications. It is also possible to resume a session: this means that the client and server can agree to use a previously negotiated session – if one exists in their session cache – instead of performing the full TLS handshake.
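The two points above, that the negotiated cipher suite and the server's certificate are visible to the application, and that a client can resume a cached session instead of running a full handshake, as an added example in Go that is not from the book; it assumes only Go's standard crypto/tls package and generates a throwaway self-signed certificate at run time so the demo works offline against a loopback server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// serverConfig makes a throwaway self-signed "localhost" certificate (constructed for this demo) and the pool that trusts it.
func serverConfig() (*tls.Config, *x509.CertPool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"localhost"}, NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: priv}}}, pool
}

// RunResumptionDemo dials a loopback server twice through one client session cache and returns what the client observed.
func RunResumptionDemo() (states []tls.ConnectionState, err error) {
	srvCfg, pool := serverConfig()
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srvCfg)
	if err != nil {
		return nil, err
	}
	defer ln.Close()
	go func() { // server side: complete each handshake, send one byte of application data, close
		for c, e := ln.Accept(); e == nil; c, e = ln.Accept() {
			c.Write([]byte("x"))
			c.Close()
		}
	}()
	cfg := &tls.Config{RootCAs: pool, ServerName: "localhost", ClientSessionCache: tls.NewLRUClientSessionCache(8)}
	for i := 0; i < 2; i++ {
		conn, err := tls.Dial("tcp", ln.Addr().String(), cfg)
		if err != nil {
			return nil, err
		}
		conn.Read(make([]byte, 1)) // also consumes the TLS 1.3 session ticket sent after Finished, enabling resumption
		states = append(states, conn.ConnectionState()) // DidResume, CipherSuite and PeerCertificates are all visible here
		conn.Close()
	}
	return states, nil
}
func main() { fmt.Println(RunResumptionDemo()) }
```

Go negotiates TLS 1.3 by default, so the second connection resumes via a session ticket issued on the first one rather than via the server-side session-ID cache the book describes; the application-visible outcome (DidResume true, no new certificate exchange) is the same.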
