Video Description

The TLS 1.3 Handshake changes significantly from the TLS 1.2 (and prior) handshake. In this video we discuss 4 major changes to the TLS handshake with the latest version: - TLS 1.3 Handshake is shorter, only one round trip (1RTT) - TLS 1.3 Handshake is mostly encrypted (everything except the Client Hello and the Server Hello) - TLS 1.3 Handshake encrypts the Client Certificate (as well as the Server Certificate) - TLS 1.3 Handshake generates many more session keys 👉 This is a sample lesson from my SSL & TLS deep dive course: Practical TLS. https://pracnet.net/tls 🔑 More free lessons from the course: https://www.youtube.com/playlist?list=PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY 🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. If your referral leads to live training engagement, I'll buy you an iPad (or tablet of similar value of your choice) 💬 Join Practical Networking Discord https://pracnet.net/discord 00:00 - Review of TLS 1.2 (and prior) TLS Handshake 01:15 - Comparing TLS 1.3 Handshake and TLS 1.2 Handshake 02:46 - TLS 1.3 One Round Trip Handshake (1RTT) simply explained 05:48 - TLS 1.3 0RTT - Zero Round Trip Handshake 06:58 - TLS 1.3 encrypts most of the TLS Handshake 07:37 - ESNI, Encrypted SNI, Encrypted Server Name Indication 08:53 - ECH, Encrypted Client Hello 10:30 - TLS 1.3 encrypts the Client Certificate in Mutual TLS (MTLS) 12:42 - TLS 1.3 generates many more session keys 16:12 - Key Points - TLS 1.3 Changes to the TLS Handshake 16:45 - Want more? Check out Practical TLS - the *BEST* TLS training course ever created #ssl #tls #cybersecurity