Overview#TLS 1.2 is TLS version 1.2 has a Version protocol ID of 0x0303
TLS 1.2 is the only version of TLS that is supported by Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
This protocol was defined in RFC 5246 in August of 2008. Based on TLS 1.1,TLS 1.2 contains improved flexibility.
The major differences in TLS 1.2 include:
- The MD5/SHA-1 combination in the pseudorandom function (PRF) was replaced with cipher-suite-specified PRFs.
- The MD5/SHA-1 combination in the digitally-signed element was replaced with a single hash. Signed elements include a field explicitly specifying the hash algorithm used.
- There was substantial cleanup to the client's and server's ability to specify which hash and signature algorithms they will accept.
- Addition of support for authenticated encryption with additional data modes.
- TLS Extensions definition and AES Cipher Suites were merged in.
- Tighter checking of EncryptedPreMasterSecret version numbers.
- Many of the requirements were tightened
- Verify_data length depends on the cipher suite
- Description of Bleichenbacher/Dlima attack defenses cleaned up.
More Information#There might be more information for this subject on one of the following:
- Cipher Suite
- Data In Transit
- Diffie-Hellman Ephemeral
- NSA Suite B Cryptography
- OAuth 2.0 Dynamic Client Registration Management Protocol
- Prohibiting RC4 Cipher Suites
- RFC 5246
- Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
- Record Protocol
- TLS 1.3
- TLS Full Handshake
- TLS PRF
- TLS Session Resumption
- Token Binding Protocol Negotiation
- Token Binding over HTTP
- Transport Layer Security