The SSL protocol was implement by Netscape back in the day to facilitate commerce over the internet. E-commerce, as it became known as, required encryption to ensure that customer's personal information was kept safe, and the proper authentication and integrity guarentees were in place.
When SSL is used correctly, a third party cannot read or modify any of the actual data sent over the connection.
The TLS protocol is designed to provide three services to all applications running above it:
- Encryption
- Authentication
- Integrity
So, if Peter wants to send a message to Paul without John being able to read it, Peter can encrypt the message in such a way that only Paul knows how to decipher it.
Before Peter sends an encrypted message to Paul, Peter has to first verity that he is indeed talking with Paul, and that Paul is able to decipher the message.
As Peter and Paul exchange information, they need a way to ensure that messages have not been modified by a third party.
NOTE
See: High Performance Browser Networking