Firstly Transport Layer Security or TLS in short is what enables us to securely browse the web and communicate using the internet. Its primary aim is to provide “privacy and data integrity between two communicating computer applications” TLS got its approval after Secure Sockets Layer SSL , its predecessor which was prohibited to be used by the Internet Engineering Task Force (IETF).
Internet Engineering Task Force
IETF is a large open international community of people who are concerned with the evolution of the Internet architecture and the smooth operation of the Internet. These people are network designers, operators, vendors, researcher and is open for any interested individual. The technical work of the IETF is done in Working Groups, which are organized by topic into several Areas.
The Internet Engineering Task Force (IETF) is the premier Internet standards body, developing open standards through open processes.
IETF took more than 4 years and made 28 drafts for the TLS 1.3 before finally deciding to give their approval.
Transport Layer Security changes
TLS 1.3 offers improved security and speed and is a huge overhaul compared to its last version TLS 1.2. In TLS 1.2 there used to be many steps in the process of establishing a connection between client and server which after 4 years of efforts from the IETF has been successfully reduced. Some of the noteworthy improvements being –
- The “Handshake state machine” has been made much more streamlined making it much more consistent while at the same time removing superfluous messages .
- A zero-RTT (0-RTT) mode has been added .
- All the “Handshake” messages after “ServerHello” will be encrypted.
The new Transport Layer Security 1.3 also manages to improve itself by removing many of the obsolete features which were part of its previous version like –
These are just some of the major changes which have been made , you can find out about all the changes made in the 155 page release by the IETF which can be found here. The protocol did get a unanimous approval from IETF but there is still a long way to go before it will be adopted by companies and websites.
The person on the left likes playing video games, football. Loves reading novels, cycling and photography. Click on the link above to read more articles from him