May Last Newsletter for 2019
Dec
26
Lately there is a lot of talk going on around Internet Security. Much of the talk are about supporting TLS 1.2, but you are asked to buy an SSL Certificate. You must be confused like I am. You need to support TLS 1.2 to be considered secure, and soon the newer browsers will enforce that. Starting sometime in March of next year, new browsers will not even display the content if your website is not TLS 1.2 or later.
When you read up on the Internet, you'll learn that TLS is a successor to SSL. So, what is a TLS certificate? Why are you still asked to buy SSL when SSL is replaced by TLS. What is going on?
It is really confusing and stupid. I learned there are two meanings to SSL. (1) SSL is a certificate you buy to verify your company's security. “SSL Certificate”, (2) is the encryption method called SSL. The encryption method SSL is the one that is succeeded by TLS. The versions that are available for TLS are 1.0, 1.1, 1.2 and 1.3. And starting March 2020, anything below TLS 1.2 will not be considered safe. Of course, all SSL excretions are obsolete.
Here is the confusing part: To use TLS, you need to be verified by a third party as an existing business or organization. That certificate is still called SSL. So you need to purchase an SSL certificate to activate TLS. Was I able to clear up this confusion? I hope I did. If you are not SSL certified or using anything less than TLS 1.2, or if you do not know which version you are using, please give us a call. We will be happy to look it up.
This will be my last newsletter for 2019. Have safe holidays and a happy new year. Thank you for being my friend.