Support for Secure Sockets Layer (SSL) or Transport Layer Security (TLS) is provided by the Security Support Provider (SSP) Secure Channel, also referred to as Schannel. Any Windows application that requires support for SSL/TLS has the option of using Schannel or a third-party library, such as OpenSSL. Of course, Schannel has shipped with Windows since NT4, so it makes sense to try to use it instead of a third-party library.
Unfortunately, Schannel really isn’t that straightforward to use. There are no tls_init(), tls_send() or tls_recv() functions to conveniently initialize, send and receive encrypted data between two systems. Anyone who’s used Schannel will likely agree that it’s somewhat clumsy and unnecessarily complicated.
The Schannel code used for the TLS-enabled shell is largely based on this C++ SSPI Schannel TLS example. For more detail on how the example and Schannel work, there’s also TLS with Schannel from the same author.