On 4/2/2002 3:48 PM, Seth Dillingham <seth@macrobyte.net> wrote:

>Is it clear to everyone that "TLS" includes SSL? In other words, your
>device or software doesn't have to include support for TLS to work with
>this secure server. If it supports any sort of secure web server, it will
>probably work, because TLS is like, "SSL Plus".
>
>(Brian probably won't like that over-simplifcation, but it's essentially
>true.)

I don't know about that "Plus" part... it's more like a repackaged and
slightly tweaked SSLv3. :-) The top of this page gives a reasonable
summary:

http://crypto.stanford.edu/~eujin/sslsniffer/documentation.html

The most important difference, in my opinion, is that it's an IETF
standard instead of a Netscape standard. I won't defend the IETF as the
best organization ever, but I'd prefer to have important standards
controlled by them instead of by AOL.

-Brian