Overview#

TLS 1.2 is TLS version 1.2 has a Version protocol ID of 0x0303

TLS 1.2 was defined in RFC 5246 in August 2008. It is based on the earlier TLS 1.1 specification.

TLS 1.2 is the only version of TLS that is supported by Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

This protocol was defined in RFC 5246 in August of 2008. Based on TLS 1.1,TLS 1.2 contains improved flexibility.

The major differences in TLS 1.2 include:

  • The MD5/SHA-1 combination in the pseudorandom function (PRF) was replaced with cipher-suite-specified PRFs.
  • The MD5/SHA-1 combination in the digitally-signed element was replaced with a single hash. Signed elements include a field explicitly specifying the hash algorithm used.
  • There was substantial cleanup to the client's and server's ability to specify which hash and signature algorithms they will accept.
  • Addition of support for authenticated encryption with additional data modes.
  • TLS Extensions definition and AES Cipher Suites were merged in.
  • Tighter checking of EncryptedPreMasterSecret version numbers.
  • Many of the requirements were tightened
  • Verify_data length depends on the cipher suite
  • Description of Bleichenbacher/Dlima attack defenses cleaned up.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 07-Jan-2017 09:38 by jim