DeepSec 2016 Talk: TLS 1.3 – Lessons Learned from Implementing and Deploying the Latest Protocol – Nick Sullivan
Version 1.3 is the latest Transport Layer Security (TLS) protocol, which allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. TLS is the S in HTTPS. TLS was last changed in 2008, and a lot of progress has been made since then. CloudFlare will be the first company to deploy this on a wide scale. In his talk Nick Sullivan will be able to discuss the insights his team gained while implementing and deploying this protocol. Nick will explore differences between TLS 1.3 and previous versions in detail, focusing on the security improvements of the new protocol as well as some of the challenges his team faces around securely implementing new features such as 0-RTT resumption. He’ll also demonstrate an attack on the way some