Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure communications over the Internet. Often, SSL is used as a blanket term and refers to both the SSL protocol and the Transport Layer Security (TLS) protocol. The most recent version of the protocol is TLS version 1.2, specified by the IETF in RFC 5246.
- Stackoverflow.com Wiki
The world of SSL/TLS Internet encryption is in trouble again. You may have heard that recently a new vulnerability called POODLE has been found in the ancient SSLv3 protocol. Shortly before another vulnerability that's called BERserk has been found (which hasn't received the attention it deserved because it was published on the same day as Shellshock). I think it is crucial to understand what led to these vulnerabilities.
In 2015 web developers understand more about SSL than they ever have.
Let's Encrypt is a new certificate authority backed by some of the internet's biggest players. It eliminates the complex process of manual certificate creation, validation, signing, installation and even renewal by instead leveraging an automated DevOps style approach.
If you think you’re clever enough to securely encrypt only part of your web application, you’re almost certainly wrong.