Questions tagged [tls]

Transport Layer Security denotes a set of protocols for cryptographically securing traffic. Its predecessor was invented by Netscape.

Technically, SSL (more precisely, the Record Protocol) sits on top of the transport layer, but it is the responsibility of the application to use TLS. TLS can only be used with connection-oriented transport protocols like TCP or SCTP. Connectionless protocols like UDP or DCCP can be secured with DTLS.

TLS is commonly used for protocols like POP3, IMAP, SMTP, LDAP, and others. TLS can be initiated by using individual protocol port numbers (such as port 443 for HTTP over TLS); the protocol names are then recognized by the trailing letter S (such as HTTPS vs. HTTP). Other protocols allow TLS to be initiated with the STARTTLS command.

Key exchange and authentication are done by cryptographic public-key methods. Public keys are authenticated by chains of X.509 certificates that lead to root certificates, which are the ultimate trust anchors. For HTTPS, common browsers come with a set of root certificates pre-installed.

18 questions