CISSP - TLS - Location in the OSI model
All throughout the CISSP videos and notes, I've noticed that SSL/TLS is often referred to as a layer 4 protocol. All other sources I've encountered however (including its own Wikipedia entry), quote the protocol as operating at layer 5 since it's built on top of TCP/UDP. So which is it?
BTW - I don't mean to be nitpicking, I only want to know what ISC2 thinks for the exam :)
Thanks,
-Don
Don,
It's funny you should ask that. I asked the same exact question to Adam when we were filming that episode. Like you, I always associated SSL/TLS with Layer 5. However, Adam told me that for the exam the viewers need to associate it with Layer 4. Apparently that is how the (ISC)2 guys reference it.
Sorry for the confusion,
Don Pezet
Host, ITProTV
Don J,
Let me weigh in for a moment on this question, and provide some additional details out beyond what Don P has already posted.
There are 2 "competitive" models that exist with regards to structure, form and function in this area:
1. The TCP/IP Model (from the DoD)
2. The OSI model (builds on the DoD model)
While we tend to focus almost exclusively in the conversations regarding models on the OSI model as our reference architecture, it is important to be aware of both for the following reasons:
A. The TCP/IP model is a 4 stage, or layer model.
B. The OSI model "builds out" the TCP/IP 4 stage model by extending/adding functionality into additional layers (total of 7).
In the OSI model, SSL exists in a unique position, because of the form and function of SSL, and how it is implemented. Specifically, it does not fit nicely and neatly into a single layer, because it effectively straddles, or sits between two layers technically.
It is ascribed to Layer 5, the SESSION layer, due to the session layer encryption it supposedly provides.
It is also ascribed to Layer 4, due to the fact that SSL both uses and provides a Bi-Directional channel for the safe and secure transport of bytes between two identified end points, with Confidentiality and Integrity being guaranteed. Further, technically, SSL is usually implemented on top of any of the Transport Layer protocols, encapsulating the application-specific protocols such as HTTP, FTP, SMTP, NNTP and XMPP. Historically it has been used primarily with reliable transport protocols such as the Transmission Control Protocol (TCP).
The argument can be made that SSL technically exists between both Layers 4 and Layer 5, as a product of one, and implemented in another.
I would be most concerned/focused on knowing what SSL does, and how it does it, with what protocols, than I would necessarily with where in the OSI model it may call home.
I hope that the explanation helps to clarify your question, as it is an important one to ask.
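An added illustration of the layering described in the reply above (not part of the original thread or of any ITProTV or (ISC)2 material): TLS imposes its own record framing on the ordered byte stream that TCP delivers, so record boundaries need not line up with TCP segments. The class and helper names, and the sample bytes, are constructed for this example.

```python
import struct

# TLS record-layer content types (RFC 5246 / RFC 8446)
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_RECORD_LEN = 2**14 + 2048  # TLS 1.2 upper bound on a protected record body


class TLSRecordReader:
    """Reassembles TLS records from in-order TCP payloads (hypothetical helper)."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, tcp_payload: bytes):
        """Add one TCP segment payload; return the records that are now complete."""
        self.buf += tcp_payload
        records = []
        while len(self.buf) >= 5:  # 5-byte header: type, version (2), length (2)
            ctype, major, minor, length = struct.unpack("!BBBH", self.buf[:5])
            if ctype not in CONTENT_TYPES or major != 3:
                raise ValueError("stream does not start with a TLS record header")
            if length > MAX_RECORD_LEN:
                raise ValueError("record length exceeds the TLS limit")
            if len(self.buf) < 5 + length:
                break  # remainder of this record arrives in a later segment
            body = bytes(self.buf[5:5 + length])
            del self.buf[:5 + length]
            records.append((CONTENT_TYPES[ctype], (major, minor), body))
        return records


def make_record(ctype: int, body: bytes, version=(3, 3)) -> bytes:
    """Build a record with placeholder contents (constructed sample, not real TLS data)."""
    return struct.pack("!BBBH", ctype, *version, len(body)) + body


def demo():
    # Constructed stream: one handshake record, then one application_data record
    # whose opaque body stands in for an encrypted HTTP request.
    stream = make_record(22, b"\x01" + b"\x00" * 40) + make_record(23, b"\xaa" * 30)
    # Split at arbitrary points, as TCP segmentation might.
    segments = [stream[:3], stream[3:50], stream[50:]]
    reader = TLSRecordReader()
    return [[(name, len(body)) for name, _, body in reader.feed(seg)]
            for seg in segments]


if __name__ == "__main__":
    for i, recs in enumerate(demo(), 1):
        print(f"segment {i}: {recs}")
```

The application protocol (HTTP, SMTP and so on) is visible only as the opaque body of `application_data` records, which is the encapsulation the reply describes.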
Wow! Thanks Adam!
I just passed my exam this morning and having said that, I would completely agree with your primary point -- that it's more important to understand what SSL does and how it does it, rather than its placement in the OSI model.
Nevertheless, your explanation is fantastic and I greatly appreciate that you took the time to write such a thorough response.
-Don