!!! Overview[1][2][3]
[{$pagename}] is [Transport Layer Security] ([TLS]) version 1.3 ([TLSv1.3]), defined in [RFC 8446]. [{$pagename}] is a __major overhaul__ and has two main advantages over previous versions:
* Enhanced security
* Improved speed

[{$pagename}] supersedes and [Obsoletes] previous versions of [TLS], including:
* __[Obsoletes]__ [TLS 1.2] [RFC 5246]
* __[obsoletes]__ [Transport Layer Security (TLS) Session Resumption without Server-Side State] (TLS Ticket) mechanism defined in [RFC 5077] and replaces it with the mechanism defined in [RFC 8446] Section 2.2. 
* __updates__ [RFC 5705] as described in [RFC 8446] Section 7.5 because of changes to the way [keys are derived|Key Derivation Function]
* __changes__ how [Online Certificate Status Protocol] ([OCSP]) messages are carried and therefore updates [RFC 6066] and obsoletes [RFC 6961] as described in [RFC 8446] Section 4.4.2.1.

[{$pagename}] embraces the "less is more" philosophy, removing support for older broken forms of [cryptography]. That means you can’t turn on the potentially vulnerable stuff, even if you try. The list of __[TLS 1.2] features that have been removed is extensive__, and most of the exiled features have been associated with high-profile [attacks].[2]

!! [{$pagename}] Supports 5 [Cipher Suites]
[TLS 1.3 Cipher Suites]

!! [{$pagename}] [Key-Exchange] [algorithms]
* [DHE] & [ECDHE]
** Only 5 [ECDHE] curve groups supported
** Only 5 [DHE] finite field groups supported
* [Pre-Shared Key] ([PSK])
* [ECDHE_PSK]
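
How the [PSK] and (EC)DHE inputs listed above enter the TLS 1.3 key schedule through [HKDF] ([RFC 8446] Section 7.1), shown as an added example that is not part of the original page. It assumes a SHA-256 cipher suite; the function names are illustrative.

```python
import hashlib
import hmac

HASH = hashlib.sha256            # assumption: a SHA-256 based cipher suite
HLEN = HASH().digest_size        # 32 bytes

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt or bytes(HLEN), ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: chain HMAC blocks until `length` bytes exist."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_label(label: str, context: bytes, length: int) -> bytes:
    """HkdfLabel structure: uint16 length, then length-prefixed label and context."""
    full = b"tls13 " + label.encode("ascii")
    return (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)

def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    return hkdf_expand(secret, hkdf_label(label, context, length), length)

def derive_secret(secret: bytes, label: str, transcript: bytes) -> bytes:
    """Derive-Secret: the context is the hash of the handshake transcript."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HLEN)

def handshake_secret(psk: bytes = b"", ecdhe: bytes = b"") -> bytes:
    """Early Secret -> "derived" -> Handshake Secret.

    A missing PSK or (EC)DHE share is replaced by Hash.length zero bytes,
    so PSK-only, (EC)DHE-only and PSK with (EC)DHE all use the same ladder.
    """
    zeros = bytes(HLEN)
    early = hkdf_extract(zeros, psk or zeros)
    derived = derive_secret(early, "derived", b"")
    return hkdf_extract(derived, ecdhe or zeros)

if __name__ == "__main__":
    # Constructed sample inputs, not real key material.
    print(handshake_secret(ecdhe=b"\x01" * 32).hex())
    print(handshake_secret(psk=b"\x02" * 32, ecdhe=b"\x01" * 32).hex())
```

Because the Handshake Secret is extracted from both inputs, a session that resumes with a PSK and also sends an (EC)DHE share derives traffic keys that depend on the fresh share as well as the PSK.
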

!! Other Major differences from [TLS 1.2] include:
* __Removing support__ for [Cryptographically Weak] and lesser-used named [Elliptic Curves]
* __Removing support__ for [MD5] and [SHA-224] [cryptographic Hash Functions]
* __Requiring [Digital Signatures]__ even when a previous configuration is used
* __Replacing [TLS Session Resumption]__ with [PSK] and tickets
* Supporting [1-RTT Handshakes] and initial support for [0-RTT Handshakes]
* All handshake messages after the [ServerHello] are now [encrypted].
* [Key Derivation Functions] have been re-designed, with the [HMAC]-based Extract-and-Expand [Key Derivation Function] ([HKDF]) being used as a primitive.
* Integrating use of session hash
* __[Deprecating|Deprecated]__ use of the [record layer version number|Record Protocol] and freezing the number for improved backwards compatibility
* Moving some security-related algorithm details from an appendix to the specification and relegating ClientKeyShare to an appendix
* Integrating [HKDF] and the semi-[ephemeral] [Diffie-Hellman] proposal
* All [Symmetric Key Cryptography] [algorithms] use [Authenticated Encryption with Associated Data] ([AEAD]).
* [RSA] padding now uses [Probabilistic Signature Scheme]
* Addition of the [ChaCha20] [Stream Cipher] with the [Poly1305] [Message Authentication Code] (The only [Stream Cipher] supported)
* Addition of the [Ed25519] and [Ed448] digital signature algorithms
* Addition of the [x25519] and [x448] [Key-Exchange] [protocols]

! Dropping support for many insecure or [obsolete] features including:
* [TLS Compression]
* [TLS Renegotiation] - [{$pagename}] forbids renegotiation; if a server receives a [ClientHello] at any other time, the connection [MUST] be terminated
* __non-[AEAD] ciphers__
* __static [RSA]__ - Those [Cipher Suites] which use the [Public Key] contained in the server [certificate] for [RSA key-exchange].
* __static [Diffie-Hellman key-exchange]__
* __custom [DHE] groups__
* point format negotiation
* [Change Cipher Spec protocol|Change_cipher_spec]
* [clientHello] and [serverHello] [UNIX] time
* the length field AD input to [AEAD] ciphers
* Prohibiting [SSL] or [RC4] negotiation for backwards compatibility

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Transport_Layer_Security#TLS_1.3_.28draft.29|Wikipedia:Transport_Layer_Security#TLS_1.3_.28draft.29|target='_blank'] - based on information obtained 2017-02-22 
* [#2] - [Introducing TLS 1.3|https://blog.cloudflare.com/introducing-tls-1-3/|target='_blank'] - based on information obtained 2017-03-02 
* [#3] - [A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)|https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/|target='_blank'] - based on information obtained 2018-08-11