ISO OSI Reference Model
- The Application layer includes facilities, such as agreement on security aspects (e.g. authentication, access control, data integrity); selection of mode of dialogue; and identification of abstract syntaxes, etc.
- The Presentation layer is all about “Syntax.” (Encoding/Decoding, compression, encryption, etc. are good examples.)
- The Session layer deals with dialogs, duplex/half-duplex interaction modes, and “typed” data transfer, etc.
- The Transport layer provides a “transparent” transfer of data and relieves the session layer from transmission details.
TLS requires a reliable underlying protocol and an in-order data stream. It typically works on top of TCP (a transport layer protocol) to complement its security weakness. Hence, TLS works, in my opinion, in the session, and presentation layer in terms of its Presentation Language, Handshake Protocol, Record Protocol, Cryptographic Computations, etc. as defined in RFC 8446.
However, you can be confused because the Sybex OSG or other materials may say TLS belongs to the “Transport Layer.” It’s all right for us to just be aware of those different perspectives out there. It’s more important that we do research when in doubt and know the inconsistency between the commonly accepted definitions and what the classic literature says.