10 Oct: TLS v1.3 - What's New?

A bigger difference to the protocol than between 1.0 to 1.2 - here's the key changes: Here's an example showing the more efficient connection set up:

Lets choose one of this list of ciphers   ->
                                                            <-  OK, here's the cipher I choose, and here's my key share
Great, here's my keyshare as well  ->
                                                            <-  Great, all set!
http get  ->
                                                            <-  http answer


I reckon you'll be happy to use cipher X, here's my key share ->
                                                             <- Yep, cipher X sounds good, here's my key share, we're all set!
All set, http get  ->
                                                             <- http answer

If the server doesn't agree on the cipher, TLSv1.3 can fall back to TLS1.2 style handshaking. Its worth highlighting that this improvment over TLSv1.2 is only during the first time connection. v1.2 already has a fast resumption mechanism to make a new connection to a server it has previously connected to by storing a session ticket for use next time. v1.3 introduces improvement to the security of fast resume.
© 2017