web analytics

The web will be little safer with approval of this new security standard

The web will be little safer with approval of this new security standard

The Internet Engineers Task Force has just unanimously approved a security framework that will make encrypted connections on the web faster and more resistant to snooping.

It’s called Transport Layer Security version 1.3, and while it’s not a big flashy event, it very much is the kind of iterative improvement that keeps the web working in the face of malicious actors everywhere. The IETF is a body of engineers from all over the world who collaborate on standards like this — and their approval of TLS 1.3 has been long in coming, more than four years and 28 drafts.

That’s because the internet is a and changes to its fundamental parts — such as how a client and server establish a secure, encrypted connection — must be made very, very carefully.

TLS 1.3 makes a few prominent changes that should keep you safe:

  • The “handshake” between client and server has been streamlined and encryption initiated earlier to minimize the amount of data transmitted in the clear.
  • “Forward secrecy,” meaning hackers can’t skim decryption keys from one exchange and use it to decrypt others later.
  • “Legacy” encryption algorithms have been removed as options, as these could occasionally be forced into use and their shortcomings leveraged to break the cipher on messages.
  • A new “0-RTT,” or zero round-trip time, mode in which the server and client that have established some preliminaries before can get right to sending data without introducing themselves to each other again.

The whole standard is 155 pages long, and really only other engineers will want to dig in. But it’s available here if you’d like to peruse it or go into detail on one of the new features.

It doesn’t magically take effect,  but the IETF approval is a big step towards the standard being adopted by big companies, web services, and other, higher-level standards.

Credits: https://techcrunch.com//03/23/the-web-will-soon-be-a-little-safer-with-the-approval-of-this-new-security-standard/

blank
SNR

Linux & Windows Geek, Blogger & System Administrator

Leave your message

Scroll Up