Xp validating identity fix
TLS and SSL do not fit neatly into any single layer of the OSI model or the TCP/IP model. which would imply that it is above the transport layer. The TLS protocol comprises two layers: the TLS record and the TLS handshake protocols. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999 and updated in RFC 5246 (August 2008) and RFC 6176 (March 2011). This allows others (relying parties) to rely upon signatures or on assertions made by the private key that corresponds to the certified public key. TLS typically relies on a set of trusted third-party certificate authorities to establish the authenticity of certificates. It serves encryption to higher layers, which is normally the function of the presentation layer. However, applications generally use TLS as if it were a transport layer. Early research efforts towards transport layer security included the Secure Network Programming (SNP) application programming interface (API), which in 1993 explored the approach of having a secure transport layer API closely resembling Berkeley sockets, to facilitate retrofitting pre-existing network applications with security measures.
If any one of the above steps fails, then the TLS handshake fails and the connection is not created.
Once the client and server have agreed to use TLS, they negotiate a stateful connection by using a handshaking procedure.
The protocols use a handshake with an asymmetric cipher to establish not only cipher settings but also a session-specific shared key with which further communication is encrypted using a symmetric cipher.
Trust is usually anchored in a list of certificates distributed with user agent software, and can be modified by the relying party.
According to Netcraft, which monitors active TLS certificates, the market-leading CA has been Symantec since the beginning of their survey (or VeriSign before the authentication services business unit was purchased by Symantec).
Version 1.0 was never publicly released because of serious security flaws in the protocol; version 2.0, released in February 1995, contained a number of security flaws which necessitated the design of version 3.0.