After 4 years in development the advanced and greatly improved Transport Layer Security 1.3 has finally been released by the Internet Engineering Task Force, and it promises to transform internet speed and security for the majority of users around the world. TLS 1.3 sits behind the HTTPS standard and it is what ensures its high security, though the past few years have seen major failures in HTTPS and the new protocol is a much-welcomed update.
The main major change introduced by the new standard is the amount of time that a browser and a website connection goes unencrypted. TLS 1.3 reduces this ‘handshake’ time dramatically and that means there is almost no time where the connection isn’t encrypted. As a result, online payments and general browsing are far more secure and will be even faster.
ZDNet outlines that the new standard also cuts off a number of old encryption code within HTTPS that have been around for almost a decade, making TLS 1.3 one of the biggest leaps forward in internet security in almost 10 years.
The new layer of security also doesn’t accept the use older versions of the encryption either. This adds an extra buffer protecting websites from criminals as they can’t revert to the old standard to break into websites or transactions and steal data.
Almost all cyber security analysts are in agreement with the new standard. The main consensus being that it isn’t hard to see that this update has been far overdue and something major really did need to be done to prevent the countless cyber attacks we are seeing every month.
Do you have TLS 1.3?
Major browsers like Firefox, Chrome and Edge all have support for TLS 1.3 built into their latest code, though it isn’t switched on by default. The results of this non-default setting have been studied by Cloudflare and they have revealed that just 0.6% of online traffic was using the new TLS 1.3 standard.
You can enable your browsers TLS 1.3 support by going into the advanced settings and switching it on. A quick google search will show you the steps for your specific browser.
The international rollout and support of TLS 1.3 is still underway and the infancy of 1.3 has resulted in a number of corporate websites, including banks, mistakenly seeing TLS 1.3 as a threat or as being non-compliant with security measures which resulted in over 100,000 Chromebooks being kicked offline, as well as countless other users on different OS platforms from around the world.
We can expect to see the full rollout of TLS 1.3 to be completed within the next 12 months if major web companies get onboard with the benefits of the new protocol.