Transport Layer Security (TLS) is a cryptographic protocol that provides security over a network. Its predecessor is the Secure Sockets Layer (SSL) protocol, frequently referred to as “SSL.”
- The connection is private because symmetric cryptography is used to encrypt the data transmitted.
- The keys are generated uniquely for each connection and are based on a shared secret negotiated at the handshake, or start, of the session.
Opportunistic TLS is a common encryption method used to protect sensitive data. When opportunistic TLS is enabled, the sender will attempt a TLS connection when sending data if it is offered, and fall back to unencrypted SMTP if it is not. Simply put, the connection will attempt to invoke TLS.
Enforced TLS means the sender will attempt to connect using TLS and, if it is not offered, will not send. If TLS is offered, it will negotiate the handshake, determine the appropriate algorithm, and pass the data.
Often a TLS partnership or relationship is created between two established organizations to ensure TLS is mandatory and enforced during communication or data The enforced TLS guarantees that messages are always sent or received encrypted.
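The difference between opportunistic and enforced TLS described above comes down to one branch in the sending code. This is an added example, not code from the original page. It assumes the interface of Python's standard `smtplib.SMTP`; `deliver`, `TLSRequiredError` and `StubSMTP` are hypothetical names, `StubSMTP` is a constructed stand-in so the example runs offline, and verifying the peer certificate is an assumption the page does not state.

```python
import ssl


class TLSRequiredError(Exception):
    """Enforced TLS is configured but the peer did not offer STARTTLS."""


def deliver(conn, sender, rcpt, message, enforce_tls):
    """Send one message over conn (smtplib.SMTP or compatible); return "tls" or "plaintext"."""
    conn.ehlo()
    if conn.has_extn("starttls"):
        # Assumption: verify the peer certificate against the system trust store.
        conn.starttls(context=ssl.create_default_context())
        conn.ehlo()  # re-issue EHLO so capabilities are read inside the encrypted channel
        mode = "tls"
    elif enforce_tls:
        conn.quit()
        raise TLSRequiredError("STARTTLS not offered; message not sent")
    else:
        mode = "plaintext"  # opportunistic fallback to unencrypted SMTP
    conn.sendmail(sender, rcpt, message)
    conn.quit()
    return mode


class StubSMTP:
    """Constructed stand-in for smtplib.SMTP so the example runs offline."""

    def __init__(self, offers_starttls):
        self.offers_starttls, self.calls = offers_starttls, []

    def has_extn(self, name):
        return self.offers_starttls and name.lower() == "starttls"

    def __getattr__(self, name):
        # Record ehlo/starttls/sendmail/quit calls instead of touching the network.
        return lambda *args, **kwargs: self.calls.append(name)


if __name__ == "__main__":
    for offered in (True, False):
        stub = StubSMTP(offered)
        print(offered, deliver(stub, "a@example.com", ["b@example.org"], "hi", False), stub.calls)
```

Returning the mode lets the sender log every message that left in plaintext, which is the case enforced TLS exists to rule out.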