Beside the OSI/model, there is also the TCP/IP Model:

  1. Link Layer

  2. Internet (IP) Layer

  3. Transport Layer

  4. Application


🔗OSI Model

The OSI model has a bit more granularity.

  1. Physical Layer
  2. Data Link Layer
  3. Network Layer (IP)
  4. Transport Layer (TCP)
  5. Session Layer (TLS)
  6. Presentation Layer
  7. Application Layer (HTTP)

TLS establishes an encrypted session. In the OSI model this is where TLS operates. It sets up its session, and adds a layer of encryption for the Application Layer (HTTP).

TLS and SSL do not fit neatly into any single layer of the OSI model or the TCP/IP model. TLS runs "on top of some reliable transport protocol (e.g., TCP)," which would imply that it is above the transport layer. It serves encryption to higher layers, which is normally the function of the presentation layer. However, applications generally use TLS as if it were a transport layer, even though applications using TLS must actively control initiating TLS handshakes and handling of exchanged authentication certificates.