be Smart.
be Secure.
Phone: 800-441-6612

Infographic – SSL vs TLS: What is the Difference?

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are foundations of security on the Internet.  However, between colloquial usage and the relationship between these security protocols, there is a lot of confusion regarding how they are related, how they are different, and what to use in what situation.

For a detailed analysis of these differences and similarities, see: TLS versus SSL: What is the Difference?

The following infographic simplifies and summarizes the comparison.

SSL versus TLS: The Differences and Similarities

SSL versus TLS infographic

Share This Infographic On Your Site

Cyber Communication Security: SSL vs. TLS

TLS: Transport Layer Security

SSL: Secure Sockets Layer

SSL and TLS are protocols for data encryption and authentication between a client and a computer server. They create a secure connection for private communication across an unsecure network.

While SSL and TLS are not the only protocols of their kind, they are the two most common protocols for communications of sensitive data such as passwords, personal information, financial information, etc.

Protect your company’s systems from cyberattack, secure your communication, and stay HIPAA compliant using the right security protocol.

Protocol Overview

SSL v3.0 laid the foundation for TLS v1.0

Both use similar ciphers and message digests (though there are newer and better ciphers that are only available with newer versions of TLS such as TLS v1.0 and or v1.2).

Differences in how the secure communications are established are also evident and make TLS v1.0 (and higher) clearly stronger than SSL v3.0.

Which protocol is used – TLS v1.x or SSL v3.0 – is determined by a negotiation between the client and server, based on what software is installed on each and how each is configured.

SSL v3.0

  • Was exploited by the POODLE attack and is now obsolete

TLS v1.2

  • The newest, most widely-used TLS protocol
  • Enables better use of more secure ciphers
  • Features enhanced negotiation of the encrypted connections

Server Connection – How It Works

  • By Port (explicit) – “SSL”
    • Client connects to a secure port like:
      • 443 for https (secure web)
      • 993 for secure IMAP
      • 995 for secure POP

Note: Even though this explicit method can be called “SSL” in many places, it still may use TLS v1.0+ or SSL v3.0 for the actual connection, depending on what is negotiated.

  • By Protocol (implicit) – “TLS”
    • Client reaches out to an insecure server with a “handshake” and begins secure communication once the connection is successful (“client hello” and “server hello” messages are exchanged)
      • If the handshake proves to be unsuccessful, the connection is severed
      • This handshake is often called “STARTTLS”

If the client and server support multiple protocols, they must negotiate to agree upon which one they will use (note: websites that use SSL v3.0 have outdated security and should be updated ASAP).

Configuration – Which Protocol to Use

Server Configuration

  • Use the latest version of TLS and configure it properly
    • Extremely strong security (made even more secure with a high-quality security certificate)
  • Stay away from SSL v3.0 as it does not provide the proper level of security
    • Use only strong ciphers (especially if the server requires compliance)

Program Configuration

  • In terms of explicit vs. implicit connections, both SSL and TLS are fine options for program configuration (as long as they are supported by the server)
    • However, TLS should be used for the actual protocol

If no SSL to TLS protocol is selected, your connection to the server becomes easily accessible to prying eyes.

HIPAA Compliance – Requirements

SSL – SSL v3.0 must not be used (must be disabled along with SSL v2.0)

TLS – TLS v1.0 is allowed (newer versions are better)—


Comments are closed.

• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries