VIDEO
HIGHLIGHT
Log InSign up
TLS 1.3 - What Changes? What stays the same?
SummaryTranscriptChat

TLS 1.3 - What Changes? What stays the same?

TLS Protocol Overview

In this section, the speaker introduces the concept of TLS (Transport Layer Security) and its significance in securing internet connections.

Introduction to TLS

  • TLS is the protocol that secures internet connections, often represented by a padlock symbol.
  • SSL (Secure Sockets Layer) was an earlier version of TLS but is no longer widely used.
  • The newest version of SSL is TLS version 1.3, with approximately 60% of websites supporting it.

Changes in TLS Version 1.3

This part discusses the significant changes introduced in TLS version 1.3 and highlights the importance of understanding these modifications.

Evolution from Previous Versions

  • In 2018, TLS version 1.3 brought substantial changes and improvements to enhance security.
  • Lessons from over two decades of security practices were incorporated into TLS 1.3 for enhanced protection.

Continuity in Security Principles

This segment emphasizes that despite advancements in TLS version 1.3, fundamental security principles remain consistent across different versions.

Consistency in Security Elements

  • Concepts such as confidentiality, integrity, and authentication continue to be crucial for data security.
  • Aspects like cryptography techniques, certificates, keys, and certificate verification remain unchanged from previous versions.

TLS Handshake Process

Exploring the revised handshake process in TLS version 1.3 and how it impacts communication between clients and servers.

New Handshake Dynamics

  • TLS version 1.3 introduces a new approach to handshaking for establishing secure sessions between clients and servers.
  • While some elements remain familiar like client hello and server hello messages, significant changes occur during the handshake process itself.

Compatibility Over Security in TLS 1.3

The section discusses the mantra of prioritizing compatibility over security in TLS 1.3 and introduces the major changes brought about by TLS 1.3.

Changes Categorized into Four Groups

  • TLS 1.3 changes are categorized into four groups:
  • Cypher Suites
  • TLS Handshake
  • Session Renegotiation
  • Session Resumption

Major Overhaul for Simplicity and Security

  • TLS 1.3 signifies a significant overhaul from previous versions, focusing on simplicity and security over backward compatibility.
  • Despite numerous changes in TLS 1.3, most concepts learned previously will still apply.

Conclusion and Course Promotion

The conclusion wraps up the first lesson of the TLS 1.3 module and promotes a full course on SSL and TLS for further learning.

Course Promotion Details

  • The full course "Practical TLS" offers an in-depth exploration of SSL and TLS with methodical teaching, easy illustrations, covering cryptography, certificates, private keys, handshake process, OpenSSL, making learners proficient in SSL expertise.
  • To learn more about the course or preview free lessons, visit pracnet.net TLS or check out other previews on YouTube.
Video description

TLS 1.3 was released in 2018 with RFC 8446 -- a full 10 years after the version prior (TLS 1.2, RFC 5246). TLS 1.3 introduced many changes to TLS and how secure communication works. TLS 1.3 was in fact a major overhaul of how SSL works. Despite all the changes, not everything in TLS 1.3 is different -- a lot stays the same. In this video we outline what remains the same, and list 20 different significant changes in TLS 1.3. This lesson serves as an introduction to the upcoming lessons in the series, where each difference will be discussed in more detail. 👉 This is a sample lesson from my SSL & TLS deep dive course: Practical TLS. https://pracnet.net/tls 🔑 More free lessons from the course: https://www.youtube.com/playlist?list=PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY 🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. If your referral leads to live training engagement, I'll buy you an iPad (or tablet of similar value of your choice) 💬 Join Practical Networking Discord https://pracnet.net/discord 0:00 - What is TLS? 0:24 - TLS 1.3 is the latest version 0:42 - How to check what version of TLS you are using 1:13 - TLS 1.3 changes the way we secure data 2:01 - Differences in TLS 1.3 3:09 - What stays the same in TLS 1.3? 4:41 - TLS 1.3 changes the TLS handshake 5:14 - TLS 1.3 favors simplicity and security over backwards compatability 5:47 - Significant changes in TLS 1.3 7:08 - Practical TLS - a deep dive into SSL & TLS #ssl #tls #cybersecurity