Transport Layer Security (TLS) and its forerunner SSL (Secure Sockets Layer) are both cryptographic protocols that provide secure communication over a network. SSL 3.0 was deprecated in June 2015, and TLS has already established itself in the online security world. The main TLS versions are TLS 1.0, 1.1 and 1.2, and now there is news of TLS 1.3: it is going to be released in April 2017. Compared with the earlier versions, TLS 1.3 is a great leap for the SSL industry.
About TLS 1.3:
The IETF (Internet Engineering Task Force) is a standards organization that has been developing SSL and TLS versions since 1990. The IETF has developed TLS 1.3 and has almost finished its work on this new version. However, the code is still being written, and TLS libraries have to be updated with modern code. The new version differs from its predecessors in major ways; a few of the differences are listed below.
What is New in TLS 1.3?
- Removal of support for weak and lesser-used named elliptic curves
- Integration of session hash usage
- Removal of support for the MD5 and SHA-224 cryptographic hash functions
- Forbidding SSL or RC4 negotiation for backward compatibility
- Use of forward secrecy (PFS)
- Use of the strong ciphers AES256-GCM and CHACHA20_POLY1305
- Removal of an entire network round trip when reconnecting to the server
- No common key; each key will be distinctly protected
- A single packet exchange instead of three or more packets
OpenSSL and TLS 1.3:
Moreover, many platforms, such as OpenSSL and other libraries, have not yet been updated to the latest TLS version, so websites that run on the OpenSSL library still do not have the advantage of TLS 1.3. OpenSSL has set the date for integrating TLS 1.3 at around April 5, 2017, with its 1.1.1 version. OpenSSL has also sponsored TLS 1.3 development in OpenSSL. CloudFlare is already using TLS 1.3, so sites using CloudFlare already have TLS 1.3.
Chrome Canary and Firefox Nightly have features to enable TLS 1.3 before its arrival. Millions of websites need to update their OpenSSL version before implementing the new TLS version. At present, OpenSSL 1.1.0 is in use, so websites can update to 1.1.0 and, once the new OpenSSL version is available, move to it to get TLS 1.3.
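The properties listed under "What is New in TLS 1.3?" and the OpenSSL dependency described above can be checked on a given machine. The Python code below is an added example, not code from the original article or from the OpenSSL project: it reports the OpenSSL build linked into the interpreter and flags cipher suites that lack forward secrecy or AEAD, or that use RC4 or MD5. The function names and the sample entries are constructed for illustration.

```python
import ssl

# Primitives the article lists as removed in TLS 1.3.
REMOVED = ("RC4", "MD5")
# AEAD constructions; the article names AES256-GCM and CHACHA20_POLY1305.
AEAD_MARKERS = ("GCM", "CHACHA20", "CCM")


def findings(cipher):
    """List the shortfalls of one suite, given as a dict shaped like the
    entries returned by ssl.SSLContext.get_ciphers()."""
    name = cipher["name"]
    out = []
    tls13 = cipher.get("protocol") == "TLSv1.3"
    # TLS 1.3 dropped static RSA/DH key exchange, so its suites are treated
    # as forward secret here; older suites qualify only as ECDHE-/DHE-.
    if not (tls13 or name.startswith(("ECDHE-", "DHE-"))):
        out.append("no forward secrecy")
    if not (cipher.get("aead") or any(m in name for m in AEAD_MARKERS)):
        out.append("not AEAD")
    out += [f"uses {m}" for m in REMOVED if m in name]
    return out


def audit(ciphers):
    """Map suite name -> findings, for suites with at least one finding."""
    report = {c["name"]: findings(c) for c in ciphers}
    return {name: f for name, f in report.items() if f}


def local_readiness():
    """Report what the OpenSSL build linked into this interpreter offers."""
    ctx = ssl.create_default_context()
    return {
        "openssl": ssl.OPENSSL_VERSION,
        "tls13_supported": ssl.HAS_TLSv1_3,
        "flagged": audit(ctx.get_ciphers()),
    }


# Constructed sample entries (not captured from a real server).
SAMPLE = [
    {"name": "TLS_AES_256_GCM_SHA384", "protocol": "TLSv1.3", "aead": True},
    {"name": "TLS_CHACHA20_POLY1305_SHA256", "protocol": "TLSv1.3", "aead": True},
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "protocol": "TLSv1.2", "aead": True},
    {"name": "AES256-SHA", "protocol": "SSLv3", "aead": False},
    {"name": "RC4-MD5", "protocol": "SSLv3", "aead": False},
]

if __name__ == "__main__":
    print(audit(SAMPLE))
    print(local_readiness())
```

An empty `flagged` entry from `local_readiness()` means every suite the default context enables meets the checks; `tls13_supported` being `False` means the linked OpenSSL predates TLS 1.3 support.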
With the arrival of TLS 1.3, websites will have strong security over the web with new enhanced features, and it will be a great leap for the cyber world. Currently, the IETF hackathons (meetings where people work together on computer programming tasks) include Mozilla’s NSS (used in Firefox), Facebook’s server named Fizz, Google’s BoringSSL and Cloudflare.