SSL/TLS abbreviations with their definitions

In SSL/TLS encryption there are a number of terms which are usually abbreviated to represent the different technologies, ciphers, algorithms etc. We have compiled a comprehensive dictionary with the most commonly used in an alphabetical order. A sort of glossary of SSL language terms and it's specific definitions.

Abbreviation Full name Description
SSL Secure Sockets Layer SSL is a cryptographic protocol laso caled Transport Layer Security (TLS) that provides secure communication over a network.
TLS Transport Layer Security It is the successor to Secure Sockets Layer (SSL), and it is now the most widely used protocol for securing communications over the internet.
HTTPS Hypertext Transfer Protocol Secure A secure version of the Hypertext Transfer Protocol (HTTP) that uses Transport Layer Security (TLS), the protocol that is used to transmit data between web server and browser.
HTTP/2 Hypertext Transfer Protocol 2 HTTP/2 is a major revision of the HTTP protocol that aims to improve performance and reduce latency.
DV Domain Validation DV certificates are issued by verification of the domain name they want to secure. This verification is typically done by sending an email to the domain administrative contact or by placing a specific file on the web server.
OV Organization Validation It is a mid-level type of SSL certificate that provides more assurance of the website owner's identity than a Domain Validation (DV) certificate. SSL OV certificates are issued based on the verification of the applicant's legal and operational existence, as well as their domain control.
EV Extended Validation It is the highest level of SSL certificate and provides the most assurance of the owner of the website. SSL EV certificates are issued after the issuer performs an extended validation. Usually contacting the owner of the company/person and verifying the details.
SAN Subject Alternative Name It is an extension to the X.509 certificate standard that allows a single SSL/TLS certificate to secure multiple domain names and IP addresses.
CAA Certificate Authority Authorization It is an Internet security policy mechanism that allows domain name holders to indicate to certificate authorities (CAs) whether they are authorized to issue digital certificates for a particular domain name.
OCSP Online Certificate Status Protocol Network protocol used to check the revocation status of an X509 certificate. It can be used to determine if certificate has been revoked by issuer.
SNI Server Name Indication It is an extension to the TLS protocol that allows a client to indicate which hostname it is trying to connect to at the start of the handshake process.
HSTS HTTP Strict Transport Security Web security policy that helps protect websites from man-in-the-middle attacks by instructing web browsers to always connect to the site using HTTPS, even when the user types in the HTTP URL.
CSR Certificate Signing Request A message that is sent from an applicant to a Certificate Authority (CA) in order to apply for a digital certificate. The CSR contains information about domain, organization, location and public key. The issuer will use the information from the CSR to generate a SSL certificate for the requestor.
CRT Certificate Type of digital certificate that is used to verify the identity of a website,domain name or other entity.
ALPN Application Layer Protocol Negotiation It is a Transport Layer Security (TLS) extension that allows a client and server to agree on the application layer protocol to use over a secure connection.
NPN Next Protocol Negotiation As a result, NPN is no longer supported by most modern browsers and servers. It's recommended to be upgraded to ALPN.
QUIC Quick UDP Internet Connections New transport layer protocol that is designed to improve the performance and security of web traffic. QUIC is also designed to provide encryption and authentication for web traffic.
ECC Elliptic curve cryptography Commonly used in Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL). These curves are used to secure communications between web servers and clients. x25519 is Newer, Faster and More secure. secp256r1 is Older, Slower and Less secure
X.509 International Telecommunication Union Telecommunication Standardization Sector (ITU-T) Recommendation X.509, which defines the format and structure of digital X.509 certificates
CT Certificate Transparency Open-logging system that monitors and audits the issuance of digital certificates. It aims to enhance the security, detect and revoke fraudulent or compromised certificates.
SCT Signed Certificate Timestamp A digital signature that is added to a Certificate Transparency (CT) log entry. The SCT proves that the certificate was logged at a specific time and by a specific CA, ensure that the certificate is valid and has not been revoked.
DANE Domain-Validated TLS ALPN Extension for HTTP/2 It is an extension to the Transport Layer Security (TLS) protocol that allows a domain name owner to specify which Certificate Authorities (CAs) are authorized to issue certificates for their domain.