The RFC may also be viewed at XXXX/ which also contains various RFC status information (including errata) together with a list of alternative formats, such as, text, PDF and HTML (this is the working area version of the document). We update the page from time-to-time when we can think of nothing better to do with our lives and now keep a change log in case you ever happen to read it twice. Secure Sockets Layer (SSL) is a Netscape protocol originally created in 1992 to exchange information securely between a web server and a browser where the underlying network was insecure.
In addition, a number of extensions are defined in RFC 3546 when TLS is used in bandwidth constrained systems such as wireless networks, RFC6066 defines a number of TLS extensions carried in an extended client hello format (introduced with TLS 1.2), RFC6961 defines a method for reducing traffic when a client requests the server to supply certificate status information.
And RFC 7935 now defines what happens to TLS (and DTLS) when used in the Io T (Internet of Things or Thingies as we, in our iconoclastic way, prefer).
This is a survival guide to the eye-glazing topic of TLS/SSL and X.509 (SSL) certificates - including self-signed certificates.
These are elements in what is loosely called a Public Key Infrastructure (PKI).
The term 'SSL certificate' has persisted, and will likely persist for the foreseable future, because given the choice of saying 'SSL' or 'X.509' the former tends to roll off the tongue more comfortably.
Doubtless a linguistic expert could wax lyrical over the S sound versus the X sound.
For we, mere mortals, its chief merit may be that it's shorter (3 versus 4 syllables).
The current guide includes SSL, TLS, some detail about X.509 and its usage as well as some explanation about certificate types, including EV certificates, and the trust process.
Bad news: If you self-sign your certificates nobody but you and your close family (perhaps) may trust them.
But before you shell out all that filthy lucre for a bright, shiny new X.509 (SSL) certificate or the even more expensive EV SSL (X.509) certificate you might want to know what they do and how they do it.
Nevertheless, we persist in our ingrained habit for no particularly good reason (old dog..tricks..).