TLS 1.3
  1. Home
  2. TLS 1.3
This is the LATEST and RECOMMENDED Version of TLS. However, TLS 1.2 can also still be used for legacy support.
TLSv1.3 is still a fairly new protocol. Check back regularly for updates about potential issues.
ETS or eTLS is an artificially weakened version of TLS 1.3 and SHOULD NOT BE USED.

Last Updated Tue, 7 Jan 2020 18:05:12 +00000

Overview:

TLSv1.3 is the latest version of the Transport Layer Security, or TLS, protocol. This protocol was designed for securing internet traffic and is typically seen in client/server architectures like connecting to a website from a browser. It was officially made a standard by the IETF in 2018 as an improvement upon TLSv1.2, providing many security and performance enhancements.

Filippo Valsorda had a great talk describing the major benefits of TLS 1.3 vs that of TLS 1.2. Many products, services, and companies have migrated to TLSv1.3 as it is the recommended version of the protocol. Implementations can be found in many major TLS stacks, but some are listed here.

One particularly valuable improvement of TLS 1.3 over 1.2 is simplicity of configuration. At the time of this writing, there are only five cipher suites for TLS 1.3. Each cipher suite uses an authenticated encryption algorithm, so no separate MAC algorithm is required. This greatly reduces the burden on IT and development professionals to figure out which parameters are recommended.

Getting Started:

Developer's QuickStart
Examples on properly integrating TLSv1.3 into your application, with source code snippets in C and python.
IT Admin's QuickStart
An introduction to where TLS is leveraged in an IT ecosystem, including where configuration files and pertinent security controls live on a system.
Manager's QuickStart
A guide to adoption and use of TLSv1.3 in your projects and organization.

More Useful Information:

    Warnings:

  1. Turn off 0-RTT: 0-RTT, or the zero round trip functionality that was written into the TLSv1.3 specification could allow for replay attacks. It is recommended to disable this functionality. These security concerns are documented near the end of the RFC, but attacks have also been presented at conferences. See the Further Reading section for links.
  2. Disable RSA key exchange in TLS 1.2: Although TLS 1.3 has mechanisms in place to prevent downgrade attacks, these mechanisms can be bypassed if the downgrade is to TLS 1.2 and the key exchange is performed with RSA encryption. If you are running TLS 1.2 alongside TLS 1.3 (this is common!), you must ensure that TLS 1.2 does not provide RSA key exchange as an option. https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/february/downgrade-attack-on-tls-1.3-and-vulnerabilities-in-major-tls-libraries/