TLS is the most widely used cryptographic protocol and it is the backbone of secure Internet communication. TLS 1.3 designed for speed by reducing the network of round-trips and enhances security by removing unsafe cryptographic primitives.
Facebook built Open Source Library Fizz to implement support for TLS 1.3, now the Fizz handles millions of TLS 1.3 handshakes every second.
The social media giant said “Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst.Fizz has reduced not only the latency but also the CPU utilization of services that perform trillions of requests a day.”
TLS 1.3 reduces the latency considerably in establishing initial secure connections when compares to TLS 1.2.
Fizz currently supports TLS 1.3 drafts 28, 26 (both wire-compatible with the final specification), and 23. All major handshake modes are supported, including PSK resumption, early data, client authentication, and HelloRetryRequest.
Its servers are async by default and it supports for scatter/gather I/O APIs, as it accepts scatter/gather method of input and output it allows the user’s to pass chunked data, encrypts and place in chunk memory, which avoids the need to copy data.
According to Facebook “Fizz provides two kinds of APIs to be able to handle rejection of early data, either transparently or by allowing the app to change the data it sends during retry.”
It is built with security in mind from the ground up, with secure abstractions, it delivers the reliability and performance of TLS 1.3.
Now more than 50% of the internet traffic is secured with TLS 1.3 and it continues to grows as browsers adopted support for TLS 1.3. Starting from version 61.0, by default Firefox 61 supports for the latest draft of TLS 1.3. Chrome 63 enables support for TLS 1.3.