Occasionally, there are advancements in technology that affect the way we all use the Internet.
We’ve covered HTTPS before, as well as its importance for all modern websites. But HTTPS is not static — it’s always being improved. TLS (Transport Layer Security) 1.3 was initially released in 2014, and went through 28 versions before the final version of TLS 1.3 was published (RFC 8446) in August 2018. Since then, it’s helped every site that employs HTTPS run faster and more securely. Here’s how.
What You Need to Know
Without getting overly technical about it, TLS 1.3 has a number of improvements over the older TLS 1.2. TLS 1.3 somehow managed to be both more secure and also faster — there are no downsides to going with it over its predecessors.
As summarized by our partner Cloudflare, TLS 1.3 “reduces latency, optimizes performance and hardens the security of your encrypted connections”.
In the age when mobile is king, the ability of TLS 1.3 to maintain a high level of security but also speed up page load times has been key. It eliminates unnecessary handshake steps and forces the use of newer encryption methods.
How does it work? Under TLS 1.2, the first exchange between server and browser is about which type of encryption to use, which both parties have to agree to. Once settled, the process can move on to the actual encryption. In TLS 1.3, this conversation is omitted — the server provides an encryption key as soon as the browser indicates what it’s trying to access. The lack of choice about which kind of encryption to use also means that bad actors are not able to use the trick of indicated outdated encryption technologies that are easier to take advantage of.
TLS 1.3 is supported by all CanSpace hosting plans. Our customers also have some extra TLS 1.3 features available through their Cloudflare account, which comes free with their hosting plan.
Have a question about website security certificates, HTTPS, or TLS 1.3, don’t hesitate to contact us!