TLS 1.3 has officially become standard last week, offering improved privacy, security and performance to the internet security protocol.
The Internet Engineering Task Force (IETF) made version 1.3 of the Transport Layer Security (TLS) protocol official August 10th, more than four years after the protocol was first drafted in April of 2014.
Securely sending information over the internet is foundational and critical for online commerce, healthcare and other sensitive transactions.
The primary goal of the TLS protocol is to allow secure channel between communicating applications or peers over the internet. TLS is designed to prevent eavesdropping, tampering and message forgery.
The IETF describes some of the improvements to TLS 1.3:
“In contrast to TLS 1.2, TLS 1.3 provides additional privacy for data exchanges by encrypting more of the negotiation handshake to protect it from eavesdroppers. This enhancement helps protect the identities of the participants and impede traffic analysis. TLS 1.3 also enables forward secrecy by default which means that the compromise of long term secrets used in the protocol does not allow the decryption of data communicated while those long term secrets were in use. As a result, current communications will remain secure even if future communications are compromised.”
See the full RFC 8446 standard to include much more details on the protocol and enhancements.