I am trying to understand where exactly SSL/TLS sits in OSI model. If I look at this answer on StackExchange,
While all network models are imperfect, this question can only be answered by looking at what SSL (TLS really) does. (1) On top of a reliable network stream (TCP at OSI layer 4) it provides an encrypted bidirectional stream and (almost always) guarantees the identity of the server and (optionally) the client. The authenticating client can be a process, user or some other entity which can properly answer the required authentication challenges.
TLS means Transport Layer Security. However since it does implement session identity, integrity, start up, tear down and management it very much belongs in the session layer. The Wikipedia page states that this belongs to the OSI presentation layer. This is probably wrong. The presentation layer is more concerned with marshalling data into non-network-dependent formats and interpreting it on the host side through the appropriate application.
At-rest encryption (say in a database field or email message) might be a candidate for the presentation layer, but I would suggest that it's closer to a form of OS or application security.
So in reality TLS is mostly session-layer as it provides point-to-point session security for the transport (TCP). In other ways it provides authentication functions which are clearly application layer (OS, utility or user app).
So it's a lot of layer 5 and a little of layer 7.
It explains how it sits on layers 7 and 5.
But these slides explaining BEAST attack on SSL/TLS says its on layer 6,
Can someone please explain (if possible with a diagram) where exactly SSL/TLS happens?
