Curious, when you tell someone they need to access a website securely (or any other case where you might use the term TLS or SSL), do you:
1. Say SSL or TLS?
2. How old are you (or did you start working before 1999?)
I'll reply with my answer too.
tptacek · 34s ago
I say TLS, and started working in the field in 1994.
amiga386 · 14m ago
I say HTTPS certificate.
If I need to specifically say SSL or TLS, it's SSL (as in OpenSSL, LibreSSL, BoringSSL, SSL certificates, Qualys SSL Labs, SSL Server Test). TLS is a made up name for SSL.
I do say e.g. "TLSv1.2" if I need to name the specific protocol, that's about it.
I was working before 1999.
Octoth0rpe · 3m ago
1. SSL
2. Started working in 2000, right on the boundary
firesteelrain · 9m ago
I tell my developers to be compliant that they need to use TLS/SSL
gryfft · 15m ago
Reflex is to say SSL but usually correct myself to TLS. Started in IT in 2006 (was a nerd a few years before that though)
jozvolskyef · 13m ago
I second this, started around the same time.
Rendello · 15m ago
SSL, started programming in maybe 2012. Possibly because of HTTPS or similarity with SSH.
curmudgeon22 · 18m ago
SSL, started computer science in 2010
jedberg · 14m ago
I was going to reply to you and tell you that you're too young to be a curmudgeon, but then I realized, no, I'm just old!
jedberg · 22m ago
1. SSL
2. Started working before 1999
chollida1 · 2h ago
> As a part of the cutthroat competition, Microsoft decided to revise the SSL 2 protocol with some additions of their own, and specified a protocol called "PCT" that was derived from SSL 2. It was only supported in IE and IIS.
> Netscape also wanted to address SSL 2 issues, but wasn't going to let Microsoft take leadership/ownership in the standard, so they developed SSL 3.0, which was a more significant departure.
I remember this moment and this is where I realized that Microsoft wasn't always the bad guy here. They had the better implementation and were willing to share it. But Netscape in this instance acted like kids and wouldn't cooperate at all. Which is why this meeting had to occur and by that point it was clear Netscape had lost the browser and it wasn't going to be close.
Hence the quick about face by Netscape to accept what was pretty much Microsoft's proposed solution.
I can't speak to the rest of Microsoft's browser decisions and given the court ruling it's clear they weren't the good guys either but this opened my eyes to the fact that all companies are the bad guys some time:)
thayne · 1h ago
Forcing the name to be changed from SSL to TLS seems pretty petty to me.
Two decades later, and it is still common for people to call TLS SSL.
TZubiri · 2h ago
Microsoft was the bad guy in a movie where you have a war right before aliens invade and you figure out that there's bigger enemies.
FSF hated Microsoft because they released binaries without source code, they were THE enemy, nowadays, you are lucky if you get a binary to study and modify! The standard from any competitive developer is to hide the binary and source behind a server. Try to study and modify that!
chollida1 · 2h ago
I agree with your entire statement:)
hsbauauvhabzb · 30m ago
Fool me once, shame on you. Fool me twice?
disruptiveink · 34m ago
Wait, but didn't TLS 1.0 have significant improvements over SSL 3.0? The article makes it seem that just a couple of things were tweaked just to make it different for the sake of being different.
layer8 · 26m ago
Indeed there are significant changes and improvements, though it’s not a complete redesign like SSL 3.0 was.
ahofmann · 1h ago
Oh wow, I just discovered that my brain unconsciously had a hard time to differentiate between SSL and TLS. And now, after two friggin decades I find out, why!
oc1 · 1h ago
Same. I feel so dumb now. After 15 years in this industry I finally figured out that SSL and TLS are the same.
JdeBP · 16m ago
Back closer to the time, there were some people around who insisted that SSL specifically meant the old versions and it was all TLS now. I recall a couple of occasions where people were talking about UCSPI-SSL and someone stepped in to explain that We Don't Do SSL Now. As the headlined article says, that contrived distinction seems silly with the hindsight of decades.
The nomenclature was complicated in people's minds by SMTP. Because there was SMTP over a largely transparent encrypted connection, and SMTP where it started unencrypted and negotiated a switch, as well as plain old cleartext. It didn't help that RFC 2487 explained that STARTTLS negotiated "TLS more commonly known as SSL". RFC 8314 explains some of the historical mess that SMTP got into with two types of SMTP (relay and submission) and three types of transport.
And the "S" for "submission" could be confused with the "S"s in both "SSL" and "TLS". It's not just TLAs that are ambiguous, indeed. There was confusion over "SMTPS" and "SSMTP", not helped at all by the people who named programs things like "sSMTP".
I'm still calling it SSL in 2025. (-: And so is Erwin Hoffmann.
The important bits:
- "SSL" is a set of protocols so ridiculously old, busted and insecure that nobody should ever use them. It's like talking about Sanskrit; ancient and dead.
- "TLS" is way better than "SSL", but still there are insecure versions. Any version before 1.2 is no longer supported due to security holes.
- Technically an "ssl certificate" is neither "SSL" nor "TLS", it's really an "X.509 Certificate with Extended Key Usage: Server Authentication". But that doesn't roll off the tongue. You could use a cert from 1996 in a modern TLS server; the problem would be its expiration date, and the hash/signature functions used back then are deprecated. (some servers still support insecure methods to support older clients, which is bad)
MOARDONGZPLZ · 22m ago
Right, but they accomplish the same thing and people move monotonically from SSL to TLS. It’s not like choosing between React and Angular, but like choosing between React version 5 and React version 10 for a new project. SSL and TLS are the same in all meaningful respects from this perspective.
0xbadcafebee · 13m ago
Hotdogs and hamburgers are the same in all meaningful respects.
pkulak · 2h ago
“Transport Layer Security” really is a better name though. I also like to say “TLS”. Two Ses in a row makes you sound like a snake.
o11c · 1h ago
The problem is that TLS was already in widespread use for "thread local storage".
Transport Layer Security is widely documented as beginning in 1999.
I can find references to "Thread Local Storage" going back to at least 1996. That particular term seems more common in the Microsoft (and maybe IBM, does anyone have an OS/2 programming manual?) world at the time; Pthreads (1995) and Unix in general tended to call it "thread-specific data".
It's possible that the highly influential 2001 Itanium ABI document (which directly led to Drepper's TLS paper) brought the term to (widespread) use in the broader Unix world, though Sun (for both Solaris and Java?) was using the term previously. But it's also possible that I'm just missing the reference material.
kstrauser · 1h ago
I don’t doubt that, but I never heard Thread Local Storage until much later than that. While it might well’ve been common within its ecosystem, I don’t think it was widely known outside it.
JdeBP · 1h ago
I might have an OS/2 programming manual. But I don't need it. (-: This was not an OS/2 thing. We had to make map data structures using thread IDs. Or our language runtimes did.
Look to Windows NT rather than to OS/2 for thread-local storage. TlsAlloc() et al. were in the Win32 API right from NT 3.1, I think.
jeroenhd · 2h ago
I think SSL is a better fit, actually. In theory TLS could be a transport-layer security mechanism that would let arbitrary protocols run on top of it (like IPSec does), but in practice it's pretty much tied up to TCP sockets. The UDP variant (DTLS, and I suppose QUIC) isn't part of the TLS spec for instance. Of course we have kernel TLS on Linux now, and Windows also has infrastructure like that, but it isn't as easy as setting a flag on a socket to turn TLS on.
Plus, who doesn't like to sound like a snake sometimes? Snakes are badass.
LukeShu · 10m ago
No? The "transport" layer is layer 4 in the 7-layer OSI model (physical/datalink/network/transport/session/presentation/application) and 5-layer IP model (physical/network/internetwork/transport/application). That is: the "transport" provides reliable continuous data-stream abstraction over the lower-layers' discrete and unreliable packets; e.g. TCP.
And that data-stream is the interface that TLS provides; to the higher layers it looks like a transport layer.
layer8 · 18m ago
“SSL” is easier to pronounce, because the tongue barely changes position between the three letters, compared to “TLS”.
andrewfromx · 1h ago
Picture Kaa from The Jungle Book discussing TCP security and arguing for the s-s-l name. In fact, maybe adding a 3rd s.
albert_e · 1h ago
Related
Randomness and the Netscape Browser
January 1996 Dr. Dobb's Journal
This was written in 1996. The language used feels already much different from today's publications. God I feel old.
quietbritishjim · 28m ago
> This was written in 1996. The language used feels already much different from today's publications. God I feel old.
That depends on which publications you're looking at, just as it did in 1996. An article from LWN [1] today, for example, reads in a fairly similar style. Maybe slightly less stuffy, because it's targeted at a slightly more general audience.
This is one of those ones where it's awkward with a certain crowd. At some point SSL was https and class C meant a /24 subnetwork for webmaster types.
I've found that certain crowds will get angry about the vernacular vs a crowd that always understood something a particular way.
In any event, we have to stick with the times, especially with new entrants that stick with the new terms.
aag · 15m ago
I seem to remember that Microsoft's initial implementation used a field in the protocol in an incompatible way to encode that it was a different implementation. I remember people being annoyed at them for deliberately screwing up future compatibility. Does anyone remember the details of this?
tptacek · 1h ago
NB: I feel like the consensus was very firmly established by 2014 that SSL 2.0 was gravely flawed (its handshake isn't even properly authenticated).
yardstick · 1h ago
Would adoption of the new name have been easier if the version started at TLS 3.0/matched the SSL version it originated from?
layer8 · 20m ago
One reason it didn’t is that existing standard libraries had “SSL” ingrained in their API identifiers.
amenghra · 2h ago
I remember "SSL and TLS: Designing and Building Secure Systems" by Eric Rescorla being really useful to understand the history behind TLS and how we got here. The book was written in 2001 and warned about some issues which turned into CVEs a bit later. You might find used copies for a couple bucks.
WhyNotHugo · 3h ago
I like this writing style. Informative, has some flavour/personality, but clear and concise.
userbinator · 2h ago
tl;dr: politics.
I still like to occasionally refer to TLS 1.3 as "SSL 3.4" to see whether people are aware of the history.
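The "SSL 3.4" remark is literal on the wire: TLS version numbers continue SSL 3.0's major/minor bytes, so TLS 1.3 is `0x0304`. The following is an added example, not code from the thread or any project it mentions: it parses a ClientHello, names the versions offered, and flags those below the TLS 1.2 cut-off mentioned above. `offered_versions`, `audit` and `build_hello` are hypothetical names, and the sample hellos are constructed, not captured.

```python
import struct

# Wire version (major, minor) -> public name. TLS kept counting from SSL 3.0.
NAMES = {(2, 0): "SSL 2.0", (3, 0): "SSL 3.0", (3, 1): "TLS 1.0",
         (3, 2): "TLS 1.1", (3, 3): "TLS 1.2", (3, 4): "TLS 1.3"}
MIN_OK = (3, 3)  # cut-off taken from the thread: nothing before TLS 1.2

def offered_versions(record: bytes):
    """Return the (major, minor) versions a ClientHello record offers."""
    ctype, _, _, rec_len = struct.unpack("!BBBH", record[:5])
    hs = record[5:5 + rec_len]
    if ctype != 22 or len(hs) < 6 or hs[0] != 1:
        raise ValueError("not a ClientHello handshake record")
    legacy = (hs[4], hs[5])             # client_version / legacy_version
    pos = 4 + 2 + 32                    # handshake header, version, random
    pos += 1 + hs[pos]                  # session_id
    pos += 2 + struct.unpack("!H", hs[pos:pos + 2])[0]  # cipher_suites
    pos += 1 + hs[pos]                  # compression_methods
    if pos + 2 > len(hs):               # no extensions: old-style hello
        return [legacy]
    end = pos + 2 + struct.unpack("!H", hs[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", hs[pos:pos + 4])
        data = hs[pos + 4:pos + 4 + ext_len]
        if ext_type == 43:              # supported_versions (RFC 8446)
            return [(data[i], data[i + 1]) for i in range(1, 1 + data[0], 2)]
        pos += 4 + ext_len
    return [legacy]

def audit(record: bytes):
    """Name each offered version and list the ones below the cut-off."""
    versions = offered_versions(record)
    names = [NAMES.get(v, "unknown %d.%d" % v) for v in versions]
    weak = [NAMES.get(v, "unknown %d.%d" % v) for v in versions if v < MIN_OK]
    return names, weak

def build_hello(legacy, versions=None):
    """Constructed sample input: a minimal ClientHello, not a capture."""
    body = bytes(legacy) + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
    if versions is not None:
        sv = bytes([2 * len(versions)]) + b"".join(bytes(v) for v in versions)
        ext = struct.pack("!HH", 43, len(sv)) + sv
        body += struct.pack("!H", len(ext)) + ext
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

A TLS 1.3 client still writes `0x0303` in the legacy version field and lists its real versions in the `supported_versions` extension, which is why the parser checks the extension first.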
* https://www.fehcom.de/ipnet/sslserver.html
* https://manpages.debian.org/unstable/ssmtp/ssmtp.8.en.html
Randomness and the Netscape Browser January 1996 Dr. Dobb's Journal
https://people.eecs.berkeley.edu/~daw/papers/ddj-netscape.ht...
[1] https://lwn.net/