How does SSL 'sit' between the network layer and application layer?

SSL is neither a network layer protocol nor an application layer protocol. In this Q&A, Michael Cobb explains how SSL "sits" between both layers.

I've heard people say that SSL "sits" between the network layer and application layer? What does that mean?

This is a very good question, and I think the best way to answer it is to start by examining the purpose of a protocol. In the computing world, a protocol is a set of rules governing how data is transferred between two endpoints. The rules cover the syntax, semantics and synchronization of connection, communication and actual data exchange. Most communications and networking protocols don't function in isolation, however. They are layered together in what's called a protocol stack, a specific combination of protocols that work together, where each protocol in the stack performs specialized tasks.

Secure Sockets Layer, or SSL, is a standards-based cryptographic protocol that offers encryption and authentication services. It is widely used to provide secure communications over the Internet. By far the most common use of SSL is within Web browsers via an application-protocol hybrid known as HTTPS. SSL, however, is a transparent protocol, basically invisible to the user, and it is available to any TCP/IP-based application.

As you can imagine, trying to ensure that a protocol stack can actually fulfill its intended role, and that the different protocols all work together, is very complex. Various models have been developed to help engineers conceptualize protocol stacks, and each provides an abstract description of how network protocols should work. The OSI (Open System Interconnection) model is probably the best known and uses seven layers to group the services that a protocol can offer. An earlier model, the TCP/IP model, uses four or five layers. The layers near the top of both models are logically closer to the user, while those near the bottom are logically closer to the physical transmission of the data.

Under the OSI model, the application layer, Layer 7, performs common application services for the application processes; the network layer, Layer 3, solves the problem of getting packets from one place to another across a network. The SSL protocol is quite unusual, as it doesn't just operate at one layer. SSL is neither a network layer protocol nor an application layer protocol. It is one that "sits" between both layers.

Because of its position, SSL gives the client machines the ability to selectively apply security protection on individual applications, rather than set forth encryption on an entire group of applications. The procedure can be done without concerning Layer 3, the network layer. For these reasons, when SSL is used for encrypting network traffic, only the application layer data is actually encrypted. This differs from, say, the IPsec protocol, which operates at the network layer and encrypts all traffic data right down to the IP layer.

More on this topic

  • Learn how the network can be used to secure Layer 7.
  • Is SSL still useful? Mike Chapple certainly thinks so.


Dig Deeper on Network security

Enterprise Desktop
  • Understanding how GPOs and Intune interact

    Group Policy and Microsoft Intune are both mature device management technologies with enterprise use cases. IT should know how to...

  • Comparing MSI vs. MSIX

    While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...

  • How to install MSIX and msixbundle

    IT admins should know that one of the simplest ways to deploy Windows applications across a fleet of managed desktops is with an ...

Cloud Computing