Transport Layer Security (TLS) and its forerunner SSL (Secure Sockets Layer) are cryptographic protocols that provide secure communication over a network. SSL 3.0 was deprecated in June 2015, and TLS has since established itself in the online security world.
TLS has the main versions 1.0, 1.1 and 1.2, and now the news has come for TLS 1.3. Yes, TLS 1.3 is going to be released in April 2017. If you compare TLS 1.3 with the earlier versions, it is a great leap for the SSL industry.
About TLS 1.3:
The IETF (Internet Engineering Task Force) is a standards organization that has been developing SSL and TLS versions since 1990. The IETF has developed TLS 1.3 and has almost finished its work on this new version.
However, the code is still being written and, of course, TLS libraries have to be updated to support it. The new version brings major differences, and a few of them are listed below.
What is New in TLS 1.3?
- Removal of support for weak and lesser-used named elliptic curves
- Integrating use of the session hash
- Removal of support for the MD5 and SHA-224 cryptographic hash functions
- Forbidding SSL or RC4 negotiation for backward compatibility
- Use of perfect forward secrecy (PFS)
- Use of strong ciphers AES256-GCM and CHACHA20_POLY1305
- Removal of an entire network round trip when reconnecting to the server
- No common key; each key will be distinctly protected
- A single packet exchange instead of three or more packets
OpenSSL and TLS 1.3:
Moreover, many platforms, such as OpenSSL and other libraries, have not yet been updated to the latest TLS version, so websites that run on the OpenSSL library still do not have the advantage of TLS 1.3.
OpenSSL has announced that TLS 1.3 will be integrated in its 1.1.1 version, around April 5, 2017. OpenSSL has also sponsored TLS 1.3 development in OpenSSL. Cloudflare is already using TLS 1.3, so sites using Cloudflare already have TLS 1.3.
Chrome Canary and Firefox Nightly have features to enable TLS 1.3 before its arrival. There are millions of websites that need to update their OpenSSL version before implementing a new TLS version.
At present, OpenSSL 1.1.0 is in use, so websites can update to version 1.1.0 and, once the new OpenSSL version is available, move to it to get TLS 1.3.
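To see where a given host stands, the following added example (not part of the original article) uses Python's standard `ssl` module to report whether the linked OpenSSL build meets the 1.1.1 threshold mentioned above and which TLS 1.3 or legacy RC4/MD5 suites its default context offers. The function names and the `LEGACY_MARKERS` list are assumptions made for this illustration.

```python
import ssl

# Per the article, TLS 1.3 arrives with OpenSSL 1.1.1; 1.1.0 does not have it.
MIN_TLS13_OPENSSL = (1, 1, 1)

# Name fragments for algorithms the article lists as removed or forbidden
# in TLS 1.3 (illustrative list, chosen for this example).
LEGACY_MARKERS = ("RC4", "MD5")


def openssl_can_do_tls13(version_info):
    """True if an OpenSSL (major, minor, fix, ...) tuple is 1.1.1 or newer."""
    return tuple(version_info[:3]) >= MIN_TLS13_OPENSSL


def classify_suites(cipher_dicts):
    """Split SSLContext.get_ciphers() output into TLS 1.3 and legacy-weak names."""
    tls13, weak = [], []
    for cipher in cipher_dicts:
        name = cipher["name"]
        if cipher.get("protocol") == "TLSv1.3":
            tls13.append(name)
        elif any(marker in name for marker in LEGACY_MARKERS):
            weak.append(name)
    return tls13, weak


def audit_local_build():
    """Report what the OpenSSL build linked into this interpreter offers."""
    ctx = ssl.create_default_context()
    tls13, weak = classify_suites(ctx.get_ciphers())
    return {
        "openssl": ssl.OPENSSL_VERSION,
        # Version comparison is only meaningful for genuine OpenSSL builds;
        # has_tls13 is what the library itself reports.
        "version_ok": openssl_can_do_tls13(ssl.OPENSSL_VERSION_INFO),
        "has_tls13": ssl.HAS_TLSv1_3,
        "tls13_suites": tls13,
        "weak_suites": weak,
    }


if __name__ == "__main__":
    for key, value in audit_local_build().items():
        print(f"{key}: {value}")
```

A non-empty `weak_suites` list means the default context still offers RC4- or MD5-based suites and the cipher configuration should be tightened.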
With the arrival of TLS 1.3, websites will have stronger security on the web with new enhanced features, and it will be a great leap for the cyber world. Currently, participants in the IETF hackathons (meetings where people work together on computer programming tasks) include Mozilla's NSS (used in Firefox), Facebook's server named Fizz, Google's BoringSSL, and Cloudflare.