×

Send a request

and we will call back to you soon

*fields are required

News

04-04-18, Encryption protocol TLS 1.3 was finalised and approved by the IETF

The new TLS 1.3 protocol was finalised on 21 March 2018. Prior to this, the protocol hadn’t been updated for more than 8 years. TLS 1.3 brings improved security and performance.

The Internet Engineering Task Force (IETF) is responsible for the description of the TLS protocol. The previous version of TLS (TLS 1.2) was described in RFC 5246 and was used for 8 years, with supported by most web browsers. On 21 March 2018, protocol TLS 1.3 was finalised.

Improved speed in TLS 1.3

In terms of web performance, TLS and encrypted connections initially added additional milliseconds. With the advent of HTTP/2, this problem was solved and TLS 1.3 now allows even faster encrypted connections. In TLS 1.3, the following features were introduced:

  • TLS false start
  • Zero Round Trip Time (0-RTT)

In version 1.2, a TLS handshake required two round-trips, while in TLS 1.3 only one round-trip is needed for this. This means the encryption procedure time is halved.

So Zero Round Trip Time is another advantage. If you visited any site previously, then you can send data in the first message to the server. This feature is called 0-RTT. As a result, pages load much faster.

Improved security in TLS 1.3

TLS 1.3 removed obsolete and unsafe algorithms that existed in TLS 1.2: SHA-1, RC4, DES, 3DES, AES-CBC, MD5, CVE-2016-0701 and so on.

This means that attacks on TLS, such as Heartbleed, POODLE, etc. that had previously occurred, can be avoided.

Connections will continue to fall back to the TLS 1.2 version of the protocol if either side does not support TLS 1.3, but if an attacker attempts to trick this fallback (using man-in-the-middle (MITM) attacks), then in TLS 1.3 will be detect this and prevent it from happening.

The protocol has become more simple, and therefore there are likely to be fewer configuration errors.

Browser support:

  • In Chrome 63, TLS 1.3 support is enabled for outbound connections. TLS 1.3 support appeared in Chrome 56.
  • In Firefox 52, TLS 1.3 is enabled by default. It is also included in Quantum.

Other browsers promise to include the protocol in a few months’ time.



Start a 14-day Free Trial

Try SSL certificate with a 14-day free trial and feel our great service It’s very easy to start - you don’t risk anything. If you will not like it, just dont pay after end of trial. No credit card required.

Are you ready to try?

Have any questions? Call us now +31 20 7640722

Leave your contact details to get the FAQ by email

A link to download the PDF version of the FAQ has been successfully sent to your email

Error sending mail. Please try again later.

*fields are required
SSL