IETF approves TLS 1.3 as the internet standard, ietftls

Source: Internet
Author: User

IETF approves TLS 1.3 as the internet standard, ietftls

The IETF of the Internet Engineering Task Group approves TLS 1.3 as the internet standard. The IETF has officially approved TLS 1.3 as the next major version of Transport Layer Security (TLS) protocol, the IETF organization is an organization that specifically approves Internet standards and protocols.

 

 

This decision was proposed after four years of discussion and 28 draft protocols, and the 28th draft was selected as the final version.

TLS 1.3 becomes the communication standard between the client and the server, that is, the HTTPS standard.

Stronger encryption and less latency

This Protocol has several advantages over the previous version-TLS 1.2. The biggest feature is that TLS 1.3 replaces old encryption algorithms and hash algorithms (such as MD5 and SHA-224) with newer and more difficult to crack solutions (such as ChaCha20, Poly1305, Ed25519, x25519 and x448 ).

Second, TLS 1.3 is much faster when negotiating the initial handshake between the client and the server, thus reducing latency.

Third, TLS 1.3 also supports functions such as TLS False Start and zero round-trip time (0-RTT), which helps shorten the time required to establish an encrypted handshake with the client segment and the host that previously communicated.

Fourth, TLS 1.3 has the ability to defend against degradation attacks, preventing attackers from deceiving servers to use older versions of protocols and thus exploiting previous vulnerabilities.

The IETF rejects the backdoor.

All in all, TLS 1.3 has played a significant role in promoting the security of the Internet, and is considered almost impossible to crack with current technologies.

Before IETF members unanimously voted to pass the protocol, financial institutions had requested to add backdoors to the Protocol so that they could decrypt TLS 1.3 traffic.

The proposal was ridiculed by experts and pointed out that if a backdoor is implanted, TLS 1.3 will be useless.

Middleware Problems

Chrome, Edge, Firefox, Pale Moon and other browsers have released support for earlier versions of TLS 1.3, which is expected to be updated to the official standard.

Although browsers will be the fastest software to implement TLS 1.3, the main problem is that old internet middleware devices need to receive firmware updates to support new protocols.

According to a Cloudflare survey conducted in December 2017, TLS 1.3 only accounts for 0.06% of Internet HTTPS traffic. The main reason for this small market share is that many middleware deliberately downgrade traffic.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.