While the purposes of SSL and TLS are very similar, these communication protocols are distinct in how they operate. These differences developed over time as SSL moved through various versions before it was succeeded by TLS.
SSL/TLS handshakes
A handshake is a process in which a browser authenticates a server’s SSL or TLS certificate. This process authenticates both parties, then exchanges cryptographic keys.
An SSL handshake was an explicit connection, while a TLS handshake is an implicit one. The SSL handshake process had more steps than the TLS process. By removing additional steps and reducing the total number of cipher suites, TLS has sped up the process.
Alert messages
Alert messages are how SSL and TLS protocols communicate errors and warnings. In SSL, there are only two alert message types: warning and fatal. A warning alert indicates that an error has occurred, but the connection can continue. A fatal alert indicates that the connection must be terminated immediately. Additionally, SSL alert messages are unencrypted.
TLS has an additional alert message type called close notify. The close notify alert signals the end of the session. TLS alerts are also encrypted for additional security.
Message authentication
Both SSL and TLS use message authentication codes (MACs), a cryptographic technique for verifying the authenticity and integrity of messages. By using a secret key, the record protocol generates the MAC as a fixed-length code and attaches it to the original message.
The SSL protocol uses the MD5 algorithm—which is now outdated—for MAC generation. TLS uses Hash-Based Message Authentication Code (HMAC) for more complex cryptography and security.
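The following Python sketch is an added example, not code from the original article. It goes one step beyond the text by using the MAC input layout of the TLS 1.2 record protocol (sequence number, content type, version, length, then the data, as defined in RFC 5246) with HMAC-SHA256. The key and message are constructed sample values, the function names are hypothetical, and the encryption step that TLS applies around the MAC is left out.

```python
import hashlib
import hmac
import struct

TLS12 = (3, 3)          # version bytes that identify TLS 1.2 on the wire
APPLICATION_DATA = 23   # record content type for application data
MAC_LEN = hashlib.sha256().digest_size  # fixed-length code: 32 bytes

def record_mac(mac_key, seq_num, content_type, version, fragment):
    """HMAC-SHA256 over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()

def protect(mac_key, seq_num, fragment):
    """Sender side: attach the MAC to the original message."""
    mac = record_mac(mac_key, seq_num, APPLICATION_DATA, TLS12, fragment)
    return fragment + mac

def verify(mac_key, seq_num, protected):
    """Receiver side: return the message if the MAC matches, else None."""
    if len(protected) < MAC_LEN:
        return None
    fragment, tag = protected[:-MAC_LEN], protected[-MAC_LEN:]
    expected = record_mac(mac_key, seq_num, APPLICATION_DATA, TLS12, fragment)
    # compare_digest runs in constant time, so it leaks no timing signal
    return fragment if hmac.compare_digest(tag, expected) else None

def demo():
    key = bytes(range(32))            # constructed key; TLS derives it in the handshake
    msg = b"GET /account HTTP/1.1"    # constructed message
    rec = protect(key, 0, msg)
    tampered = bytearray(rec)
    tampered[5] ^= 0x01               # flip one bit inside the message
    return {
        "intact": verify(key, 0, rec),
        "tampered": verify(key, 0, bytes(tampered)),
        "replayed": verify(key, 1, rec),   # same bytes, wrong sequence number
        "wrong_key": verify(b"\x00" * 32, 0, rec),
        "mac_len": len(rec) - len(msg),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Because the sequence number is part of the MAC input, a record that is replayed or reordered fails verification even though its bytes are unchanged.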
Cipher suites
A cipher suite is a collection of algorithms that create keys to encrypt information between a browser and a server. Typically, a cipher suite includes a key exchange algorithm, a validation algorithm, a bulk encryption algorithm, and a MAC algorithm. Several algorithms in TLS were upgraded from SSL due to security concerns.