Dan Munro - Dev-Sec-Ops Engineer   News  Archives  Recommendations

TLS 1.3 RFC Draft Published

The Internet Engineering Task Force (IETF) has published an RFC for version 1.3 of the venerable Transport Layer Security (TLS) protocol. A yearslong process, this upgrade addresses a number of flaws identified in the previous version.

The internet is about to get a little safer, and a little faster.

Articles About The New Spec

These articles do a much better job summarizing the changes than I could here:

Short Summary of TLS 1.2 Exploits

Perhaps the most notable vulnerability, Hearbleed, was disclosed in 2014. However, there have been a number of disclosed vulnerabilities since.

Written on Aug 13, 2018.