An Overview of TLS 1.3 faster and More Secure
What is TLS?
TLS refers to Transportation Layer Security and is the successor of SSL (Secure Sockets Layer). TLS ensures secure communications between web browsers and servers. The connection itself is safe since symmetric cryptography is employed to encrypt the data transmitted. Keys are generated uniquely for each connection and built on a shared secret that is negotiated prior to the start of the session. It is commonly referred to as an TLS handshake. Assistance
SSL/TLS certificates offer the true magic behind what many people simply refer to as HTTPS. appears in the browser's address bar.
- TLS 1.3 in comparison to TLS 1.2
- Speed The benefits of TLS 1.3
- Improved Security with TLS 1.3
- TLS 1.3 Browser Support
- TLS 1.3 Server Support
- TLS 1.3 Support
TLS 1.3 in comparison to TLS 1.2
Businesses like Cloudflare are currently providing TLS 1.3 accessible to their customers. Filippo Valsorda presented a fantastic presentation (see the presentation below) regarding the distinctions between TLS 1.2 in comparison to TLS 1.3. In short, the major benefit of TLS 1.3 in comparison to the TLS 1.2 is speedier speeds as well as improved security.
Speed Advantages of TLS 1.3
Do you want to know how we increased our volume by more than 1000%?
Join over 20,000 others to get our weekly newsletter with insider WordPress advice!
Spend less time worrying about the security and performance of your site, and more time growing your company. Test it for free.
The other benefit is that in a sense, it remembers! If you've previously visited a website, it will remember! visited, you can now communicate data in the first message you send to the server. This is referred to as"zero round trip. "zero round trip." (0-RTT). Yes, it will also lead to improved loading time.
TLS 1.3 is quicker than 1.2 .... RUM data (30days) showing median TLS handshake times #webperf #isTLSFastYet pic.twitter.com/Mc4RHwg8Vt
-- Tim Vereecke (@TimVereecke) May 16, 2019
Enhance Security With TLS 1.3
One of the biggest issues of TLS 1.2 is that it's often not configured properly it makes websites more vulnerable to attack. TLS 1.3 now removes obsolete and unsecure functions from TLS 1.2 which include the following:
- SHA-1
- RC4
- DES
- 3DES
- AES-CBC
- MD5
- Arbitrary Diffie Hellman groups CVE-2016-0701
- EXPORT-strength-ciphers are responsible the ciphers for FREAK and LogJam
Because the protocol is in a sense less complicated, this makes it less likely for programmers and administrators to make a mistake in the design of the protocol. Jessie Victors, a security consultant, specializing in privacy-enhancing technology and cryptography applied said:
I am excited for the coming standard. I believe we'll see significantly less security vulnerabilities and can trust TLS much higher than in the past.
Google is also raising the bar. They have begun to warn users on their search consoles that they are moving into TLS version 1.2 in order to ensure that TLS 1 does not seem to be the most secure. They have set a deadline of March 2018.
TLS 1.3 Browser Support
Chrome has been providing the preliminary version of TLS 1.3 since Chrome 65. In Chrome 70 (released on October, 2018), the final release of TLS 1.3 was enabled for connection outgoing.
An early version of TLS 1.3 was enabled in Firefox 52 and up (including Quantum). It was using the insecure fallback of TLS 1.2 until they knew more about server tolerance and TLS 1.3. 1.3 handshake. Firefox 53 (released in October, 2018) was released with the final version of TLS 1.3.
Microsoft Edge started supporting TLS 1.3 with version 76, and is enabled by default in Safari 12.1 running macOS 10.14.4.
In addition, certain SSL tests accessible on the Internet do not support TLS 1.3 as of yet, and neither are other browsers, such as IE and Opera mobile.
It may take some time for the rest of the browsers to catch up. A majority of browsers are in development currently. Cloudflare has an excellent post regarding why TLS 1.3 isn't in browsers yet.
But, on September 11th, 2018, TLS 1.3 surpassed TLS 1.0 as the second most used version at Cloudflare.
Did you know what has happened in the past 24 hours? TLS 1.3 surpasses TLS 1.0 as the second-most popular version of TLS that is analyzed by Cloudflare. #tls13 pic.twitter.com/ASzgNaUIy0
--- Nick Sullivan (@grittygrease) September 11, 2018,
TLS 1.3 Server Support
If you're wondering to know if your host or server supports TLS 1.3 however, you may make use of the SSL Test tool. Test software. Just scan your domain, and scroll down to the "Protocol Features" section. The application will either say yes or no.
TLS 1.3 Support
Our CDN Partner, KeyCDN, launched TLS 1.3 with 0-RTT support on the 27th of September, 2018. The new support was added to all assets and media delivered by the CDN.
In August of 2019, we introduced TLS 1.3 support to all of our servers. You can now enjoy the web performance and security benefits of TLS 1.3.
Summary
Cut down on time, expenses and maximize site performance with:
- Instant help 24/7 support from WordPress hosting specialists, 24 hours a day.
- Cloudflare Enterprise integration.
- Reaching a global audience with 29 data centers worldwide.
- Optimization through the built-in Application for Performance Monitoring.