Supported SSL and Transport Layer Security (TLS) protocols

 

This topic describes which versions of the SSL and TLS protocols the i5/OS® implementation supports.

There are several versions of the SSL protocol defined. The latest version, the Transport Layer Security Protocol (TLS), is based on SSL 3.0 and is a product of the Internet Engineering Task Force (IETF). The i5/OS implementation supports the following versions of the SSL and TLS protocols:

 

SSL Version 3.0 versus SSL Version 2.0

SSL version 3.0 is an almost totally different protocol compared to SSL Version 2.0. Some of the major differences between the two protocols include:

 

TLS Version 1.0 versus SSL Version 3.0

The latest industry standard SSL protocol based on SSL version 3.0 is Transport Layer Security (TLS) Version 1.0. Its specifications are defined by the Internet Engineering Task Force (IETF) in RFC 2246, The TLS Protocol.

The major goal of TLS is to make SSL more secure and to make the specification of the protocol more precise and complete. TLS provides these enhancements over SSL Version 3.0:

Any System i applications that are enabled for SSL will automatically obtain TLS support unless the application has specifically requested to use only SSL Version 3.0 or SSL Version 2.0.

TLS provides the following security improvements:

 

Parent topic:

SSL concepts

Related concepts
History of SSL

Related information
The TLS Protocol