1) SSL is a protocol for secure communication over the internet that ensures data privacy and integrity. It uses certificates and encryption to provide authentication, confidentiality, and message integrity. 2) SSL establishes a secure connection through a handshake process where the server sends its certificate to the client, which verifies the certificate and sends an encrypted session key to the server. 3) SSL sits between the application layer (such as HTTP) and the transport layer (TCP), encrypting and decrypting data sent between a client and server to provide security.