Overview#
TLS 1.2 is TLS version 1.2 has a Version protocol ID of 0x0303TLS 1.2 was defined in RFC 5246 in August 2008. It is based on the earlier TLS 1.1 specification.
TLS 1.2 is the only version of TLS that is supported by Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
This protocol was defined in RFC 5246 in August of 2008 and is based on TLS 1.1, however, TLS 1.2 contains improved flexibility.
The major differences in TLS 1.2 include:
- The MD5/SHA-1 combination in the pseudorandom function (PRF) was replaced with cipher-suite-specified PRFs.
- The MD5/SHA-1 combination in the digitally-signed element was replaced with a single hash. Signed elements include a field explicitly specifying the hash algorithm used.
- There was substantial cleanup to the client's and server's ability to specify which hash and Digital Signature algorithms they will accept.
- Addition of support for Authenticated Encryption with Associated Data with additional data modes.
- TLS extensions definition and AES Cipher Suites were merged in.
- Tighter checking of EncryptedPreMasterSecret version numbers.
- Many of the requirements were tightened
- Verify_data length depends on the Cipher Suite
- Description of Bleichenbacher/Dlima attack defenses cleaned up.!! More Information
- Best Practices OpenID Connect
- Cipher Suite
- ClientHello
- Data In Transit
- Deprecating Secure Sockets Layer Version 3.0
- Deprecating TLSv1.0 and TLSv1.1
- Diffie-Hellman Ephemeral
- EDirectory TLS
- Lucky 13
- Mutual TLS
- NIST.SP.800-52
- NSA Suite B Cryptography
- OAuth 2.0 Dynamic Client Registration Management Protocol
- Poodle
- Prohibiting RC4 Cipher Suites
- RFC 5246
- Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
- Record Protocol
- SHA-1
- ServerHello
- Supported_versions
- TLS 1.3
- TLS 1.3 Cipher Suites
- TLS Full Handshake
- TLS PRF
- TLS Session Resumption
- Token Binding over HTTP
- Transport Layer Security
- Transport Layer Security (TLS) Extension for Token Binding Protocol Negotiation
