<aside> 🕵️ Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0.
</aside>
<aside> 🛣️ Port 80 is typically used for unencrypted HTTP traffic while port 443 is the common port used for encrypted HTTPS traffic. Another mechanism is to make a protocol-specific STARTTLS request to the server to switch the connection to TLS – for example, when using the mail and news protocols.
</aside>
TLS 1.3 was defined in RFC 8446 in August 2018.[6] It is based on the earlier TLS 1.2 specification. Major differences from TLS 1.2 include:[47]
- Separating key agreement and authentication algorithms from the cipher suites
- Removing support for weak and less-used named elliptic curves
- Removing support for MD5 and SHA-224 cryptographic hash functions
- Requiring digital signatures even when a previous configuration is used
- Integrating HKDF and the semi-ephemeral DH proposal
- Replacing resumption with PSK and tickets
- Mandating perfect forward secrecy, by means of using ephemeral keys during the (EC)DH key agreement
- Dropping support for many insecure or obsolete features including compression, renegotiation, non-AEAD ciphers, null ciphers, non-PFS key exchange (among which are static RSA and static DH key exchanges), custom DHE groups, EC point format negotiation, Change Cipher Spec protocol, Hello message UNIX time, and the length field AD input to AEAD ciphers
- Prohibiting SSL or RC4 negotiation for backwards compatibility
- Integrating use of session hash
- Deprecating use of the record layer version number and freezing the number for improved backwards compatibility
- Moving some security-related algorithm details from an appendix to the specification and relegating ClientKeyShare to an appendix
- Adding the ChaCha20 stream cipher with the Poly1305 message authentication code
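
Several items in this list can be checked directly against a server's configured cipher suites. The Python below is an added example, not part of the quoted source: it parses IANA-style suite names and reports which features dropped by TLS 1.3 (static RSA/DH key exchange, non-AEAD, null and RC4 ciphers) each one relies on. The function names and the sample suite list are assumptions made for illustration.

```python
# Added example: audit cipher-suite names for features TLS 1.3 dropped.
# Names follow the IANA convention; CONFIGURED is a constructed sample list.
AEAD_MARKERS = ("_GCM", "_CCM", "CHACHA20_POLY1305")
STATIC_KX = {"RSA": "static RSA", "DH": "static DH", "ECDH": "static ECDH"}


def parse_suite(name):
    """Return (key_exchange, cipher_part); key_exchange is None for TLS 1.3 names."""
    body = name[4:] if name.startswith("TLS_") else name
    if "_WITH_" in body:  # TLS 1.2 and earlier: TLS_<kx>_<auth>_WITH_<cipher>_<mac>
        return tuple(body.split("_WITH_", 1))
    return None, body     # TLS 1.3: TLS_<aead>_<hash>, key agreement negotiated separately


def removed_features(name):
    """List the properties of a suite that TLS 1.3 no longer allows."""
    kx, cipher = parse_suite(name)
    found = []
    # Anonymous (_anon) key exchanges are not modelled here.
    if kx is not None and not kx.endswith("_anon"):
        family = kx.split("_")[0]
        if family in STATIC_KX:
            found.append("non-PFS key exchange: " + STATIC_KX[family])
    if cipher.startswith("NULL"):
        found.append("null cipher")
    elif not any(marker in cipher for marker in AEAD_MARKERS):
        found.append("non-AEAD cipher")
    if "RC4" in cipher:
        found.append("RC4")
    return found


def audit(suites):
    """Map each suite name to its findings, keeping only suites with findings."""
    findings = {name: removed_features(name) for name in suites}
    return {name: found for name, found in findings.items() if found}


CONFIGURED = [
    "TLS_AES_128_GCM_SHA256", "TLS_CHACHA20_POLY1305_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_MD5", "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_NULL_SHA",
]

if __name__ == "__main__":
    for suite, reasons in audit(CONFIGURED).items():
        print(suite, "->", "; ".join(reasons))
```

A suite such as `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` produces no findings because it is ephemeral and AEAD, but its name still carries the key exchange and authentication that TLS 1.3 negotiates separately.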