cyber security lock blue

TLS 1.3, why Firefox and Chrome rush to integrate it

HTTP protocol did it in 2015, giving rise to his natural successor, HTTP/2. And it does now TLS 1.2, heir of the most popular SSL, resulting in TLS 1.3 (RFC 8446) and incorporating major improvements in security, speed and privacy as explained by those responsible.

One of the fundamental security protocols for the network, which makes possible secure communications between a server and a surfer, has completed a thorough revision presenting TLS 1.3 as the new official standard. And browsers like Firefox or Chrome already use it.

So you can be reading this text in your browser, both this fundamental protocol and many other essentials have come into action. We are talking about TCP, IP, UDP, DNS or HTTP/HTTPS. Systems of rules that allow a correct communication between several parties and evolve, necessarily, adapting to new realities.

The importance of TLS 1.3

Google Chrome announced a few months ago that will stop indicating that an HTTPS website “is safe” because that should be normal. Users should expect a web, by default, to be secure as understood in Mountain View, so any portal should use HTTPS.

And the machinery under the hood responsible for the mythical HTTP protocol can carry that letter “S” at the end, which means safe, and ensures that the content that a visitor sees comes from the legitimate party responsible for the page and is safe from monitoring, It is the TLS protocol.

According to those responsible, it eliminates much of the obsolete cryptography of its predecessor.

This review focuses solely on algorithms without known vulnerabilities, having been designed in cooperation with the academic security community.

The level of review and analysis of the protocol is considered extraordinary and includes security checks.

It also helps protect the identities of the participants in the communications and prevents the analysis of traffic, according to those responsible. In addition, thanks to the perfect secret by default that incorporates, ensure that current communications will remain secure even if future communications are compromised.

black and gray laptop computer turned on
Photo by Markus Spiske on Unsplash

The new TLS 1.3 connections are designed to be completed on a round trip between the client and the server, without needing more. Even some applications can employ a round trip mode of zero data, which allows a previous sending of information to the server.

This improvement and the rest “make TLS 1.3 faster than ever,” they say from the IETF. And it is important, because although we have a very powerful computer, TLS is decisive when it comes to accessing a website.

From xataka.com