Internet security utilises cryptographic protocols; SSL(Secure Socket Layers) and TLS(Transport Security Layer). These protocols are utilised to create secure link, which requires authentication and data encryption, between machines, servers and applications.

SSL is the predecessor to TLS. Over the years, new versions of these protocols have been introduced to overcome the vlnerabilities found and old versions depricated by IETF (Internet Engineering Task Force). Now, all the SSL versions are obselete. That leaves only the TLS protocol to be used by the computer systems for security.

TLS can be used on top of a transport-layer security protocol like TCP(Transmission Control Protocol) or CoAP(Constrained Application Protocol). TLS consists of three main components: Encryption, Authentication, and Integrity.

• Encryption: conceals  the transferred data from third parties.
• Authentication: ensures that the parties exchanging data are who they claim to be.
• Integrity: checks that the data has not been forged or tampered with during the transfer.

Digital Certificates and Protocols

A Digital Certificate, actual name is X.509, is just a container to keep the following components 

1. Public Key of the communicating party
2. Digital Signature of the communicating party
3. Digital Signature of the Trusted Authority agreed by everyone

X.509 is a standard defining the format of public key certificates. 

A Digital Certificate is used by the receiving party;

• to authenticate the Public Key belongs to the communicating party using the Digital Signature of the communicating party
• to check the integrity of the X.509 Digital Certificate by using the Digital Signature of the Trusted Authority.

Note that the receving party already has the x.509 Digital Certificate of the Trusted Authority, which self certificate.

Digital Certificates always generated by the Trusted Authority for everybody.

The Security Protocols are utilise the Digital Certificates to authenticate the other parties, encrypt data  being transfered between the communicating parties and check the integrity of the received data.

Security Protocols and Digital Sertificates are not binded together. Changing the version of the Security Protocol does not require a change of the current Digital Certificate. The Digital Certificates can be used by any type or version of a Security Protocol.