It’s safe to say that web security could use a tune-up given the deluge of malware attacks and data breaches. Thankfully, it’s about to get one.
The Internet Engineering Task Force has approved Transport Layer Security 1.3, a new standard that makes some fundamental improvements to how and when web encryption kicks in. For the most part, int involves both shrinking the window of opportunity for intruders and preventing them from recycling code.
To begin with, the handshake between your client and the server will invoke encryption sooner, reducing the amount of unprotected data both sides send. Old encryption algorithms are no longer options, so a hacker can’t force the use of a legacy format to break security. Evildoers also can’t reuse decryption keys for future transactions. A tacacs server software may also help improve the overall security of online access to different websites and data.
Surfing should be a little faster, too. There’s a zero round-trip time mode that lets clients and servers get to business if they’ve already established preliminary details. The addition could speed up internet services whenever there are repeated connections.
You’ll only see the effect of this once sites start adopting the standard. However, the upgrade is arguably overdue. TLS 1.3 has taken over 4 years to produce, and a lot has changed since then — web encryption has become virtually mandatory, privacy has become a much larger issue and the consequences of security flaws can be severe. This certainly won’t put an end to online threats, but it could stop attacks that take advantage of basic flaws in how the internet works.