Monday, May 12, 2025
HomeSSL/TLSTransport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Published on

SIEM as a Service

Follow Us on Google News

The much required Transport Layer Security version TLS 1.3 approved finally by IETF after 28 drafts. TLS 1.3 is not a minor redesign, it is a major redesign of TLS 1.2.

Internet Engineering Task Force (IETF) is an open source community of network designers, operators, vendors, and researchers who collaborate to evaluate the standards.

TLS 1.2 was published in August 2008 after a long hold up as of March 21st, 2018, TLS 1.3 has now been concluded, after going into more than four years and 28 drafts. To explore drafts list.

- Advertisement - Google News

TLS1.3 – Enhanced Security and Speed

Web connections depend on TLS for securing network traffic and TLS 1.3 be a big step to move forward in securing connections with enhanced performance.

With TLS 1.3 forward secrecy is mandatory, which ensures your sessions key will not be compromised even if the private key that present in the server is compromised.

TLS 1.3 removes old and unsafe cryptographic primitives, it is built using modern analytic techniques to be safer, it is always forward secure, it encrypts more data, and it is faster than TLS 1.2.

TLS 1.3 now removes obsolete and insecure features from TLS 1.2, including the following:

SHA-1
RC4
DES
3DES
AES-CBC
MD5
Arbitrary Diffie-Hellman groups — CVE-2016-0701
EXPORT-strength ciphers – Responsible for FREAK and LogJam

It includes new algorithms, such as ed25519, ed448, X25519, X448 ChaCha20/Poly1305.

The TLS 1.3 version requires only a single round trip to set up the connections which give enormous speed for new connections.

TLS 1.3 is designed for speed, specifically by reducing the number of network round-trips required before data can be sent to one round-trip (1-RTT) or even zero round-trips (0-RTT) for repeat connections.

TLS 1.3  approved

TLS 1.3 brings changes in handling Server Name Identification “the SNI value is explicitly specified in the handshake, so the servers do not require to associate the SNI value in the ticket”.

TLS 1.3  approved

Support for TLS 1.3 enabled from Chrome 56 and Firefox 52. There are Three TLS 1.3 servers to play with: https://enabled.tls13.com/, https://www.allizom.org/, and https://tls13.crypto.mozilla.org/.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations

The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear...

Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!

IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core...

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded...

20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week

A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Fake Certificate Issued for Alibaba Cloud After SSL.com Validation Trick

A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain...

10 Best Free SSL Checker Tools 2024

SSL Checker helps you troubleshoot common SSL issues and SSL endpoint vulnerabilities. With the...

Google to Reduce SSL Certificate Lifespan to 90 Days

Recently, Google declared its plan to reduce the maximum validity for public TLS (SSL)...