What is TLS?

TLS stands for Transport Layer Security, being a protocol which helps encryption of sensitive content over a network. Initially known as Secure Sockets Layer, or SSL, its goal is to protect clients and servers from eventual attackes and to guarantee transmission authenticity.

Why should I install TLS?

The process seems to be quite complicated, but it’s actually done in less than a second, in a regular computer it usually lasts 500ms or less.

There are actually a great number of incentives to install TLS:

  • Secure page, data integrity
  • Page visibly protected (a padlock can bee seen)
  • SEO Boost at Google > Improvement of your page rank, so more visitorys
  • TLS is free, thanks to Let’s Encrypt, Buypass, Encryption Everywhere by Digicert or cPanel
  • TLS support by all web browsers
  • Protect several sites in the same time

Some problems can hinder the progress of TLS:

  • The time required to install TLS (which can be remediated by automation tools like Certbot)
  • Time required to validate SSL/TLS certificates that show the owner
  • Only a protection of data transmissions
  • Price can be a factor for SSL/TLS certificates that last more than 90 days
  • Environments that do not support Server Name Indication

How can I improve TLS?

Some other concepts can improve TLS although not directly related to the protocol

  • HSTS (HTTP Strict Transport Security), forcing HTTPS through a header, which can also be preloaded
  • HPKP (HTTP Public Key Pinninng), forcing a particular SSL/TLS certificate for the HTTPS connection
  • CAA (Certification Authority Authorization), restrict certain CAs to issue any certificate for your domain