TLS 1.3 RFC Draft Published

The Internet Engineering Task Force (IETF) has published an RFC for version 1.3 of the venerable Transport Layer Security (TLS) protocol. A yearslong process, this upgrade addresses a number of flaws identified in the previous version.

The internet is about to get a little safer, and a little faster.

Articles About The New Spec

These articles do a much better job summarizing the changes than I could here:

IETF Blog - straight from the horse’s mouth.

Cloudflare - a really digestible technical overview of the important changes.

CNET - less technical but still good.

Kinsta

Short Summary of TLS 1.2 Exploits

Perhaps the most notable vulnerability, Hearbleed, was disclosed in 2014. However, there have been a number of disclosed vulnerabilities since.