SSL: Secure Sockets Layer
Acronym Series


Written by: Scott Hammond, Senior Security Engineer

In our Acronym Series, Nexum’s expert engineers define the industry’s most popular topics.

Acronym: SSL – Secure Sockets Layer

Definition: SSL was a protocol used to establish authenticated and encrypted communication between two network endpoints.

Explanation:

Did you say “was?”

SSL was developed by Netscape in 1995 to secure traffic from clients to web servers. SSL version 1.0 was never released, as it was determined to contain serious security flaws. Later in 1995, version 2.0 was released, also containing several vulnerabilities. Fast-forward to 1996, when version 3.0 was released as a total revamp of the previous versions. When even more flaws were discovered, that was pretty much the end for SSL, and it was deprecated in 1999 in favor of its successor, Transport Layer Security (TLS). Although there were few technical differences between the two, the name was changed largely to decouple the protocol from its association with Netscape, and likely to leave behind some of the bad memories.

Why do we still say “SSL” if it doesn’t exist anymore?

Branding is the answer. As with most modern technologies, particularly where security is concerned, there have been some bumpy roads getting us to where we are today. Think of the game Hacky Sack. You rarely hear it called its actual name, “footbag.” People prefer to use the popular brand name that they are most familiar with. Similarly, we still speak fluidly about SSL decryption when in reality we are talking about TLS decryption.
