TLS 1.3 Handshake - many CHANGES from prior versions!
Ғылым және технология
The TLS 1.3 Handshake changes significantly from the TLS 1.2 (and prior) handshake. In this video we discuss 4 major changes to the TLS handshake with the latest version:
- TLS 1.3 Handshake is shorter, only one round trip (1RTT)
- TLS 1.3 Handshake is mostly encrypted (everything except the Client Hello and the Server Hello)
- TLS 1.3 Handshake encrypts the Client Certificate (as well as the Server Certificate)
- TLS 1.3 Handshake generates many more session keys
👉 This is a sample lesson from my SSL & TLS deep dive course: Practical TLS.
pracnet.net/tls
🔑 More free lessons from the course:
• Practical TLS - Free L...
🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. If your referral leads to live training engagement, I'll buy you an iPad (or tablet of similar value of your choice)
💬 Join Practical Networking Discord
pracnet.net/discord
00:00 - Review of TLS 1.2 (and prior) TLS Handshake
01:15 - Comparing TLS 1.3 Handshake and TLS 1.2 Handshake
02:46 - TLS 1.3 One Round Trip Handshake (1RTT) simply explained
05:48 - TLS 1.3 0RTT - Zero Round Trip Handshake
06:58 - TLS 1.3 encrypts most of the TLS Handshake
07:37 - ESNI, Encrypted SNI, Encrypted Server Name Indication
08:53 - ECH, Encrypted Client Hello
10:30 - TLS 1.3 encrypts the Client Certificate in Mutual TLS (MTLS)
12:42 - TLS 1.3 generates many more session keys
16:12 - Key Points - TLS 1.3 Changes to the TLS Handshake
16:45 - Want more? Check out Practical TLS - the BEST TLS training course ever created
#ssl #tls #cybersecurity
Пікірлер: 51
👉 *More free lessons:* kzread.info/head/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY ✨ *Full course:* pracnet.net/tls 💲 *Coupon Code* for 50% off: youtube50
@DWA86
Жыл бұрын
Giveaway comment, I love to learn networking from you, your video on subnetting under 60 second is truly amazing !!!!
Ahhhhhhh, please never stop teaching!
You never disappoint. Im rarely as excited for watching a technical video as when I watch yours. Thank you!
@PracticalNetworking
Жыл бұрын
;) You're very welcome!
Perfect way to end off this mini series! Very well explained easily digestible information that informs the viewer exactly what did change in TLS 1.3 and why it's important to learn it.
I was not aware of these difference, very instructive!
Thanks for the video. As usual great and understandable explanation of the topics!
Loving your way of teaching. ❤
@PracticalNetworking
Жыл бұрын
Awesome video. Excited for the give away. Love your courses
very appreciate for your teaching
Thanks for the update, I didn’t know
Very Well Explain ❤
Great lesson Ed
Thanks for the update
This is awesome! 🎉🎉🎉
great way of teaching
best tls course I've ever seen!
@PracticalNetworking
Жыл бұрын
*Congratulations* ! You're one of the 2 winners for this video. 1. Reach out to me on Discord: pracnet.net/discord 2. I'll ask you to do a quick verification 3. then I'll give you a discount code for free access to the course.
@andydufresne9387
Жыл бұрын
@@PracticalNetworking thanks!
Good explanation Ed
This is brilliant
Great content
Thank you Ed, exciting to see how long TLS 1.3 will evolve. Are you also going to release the TLS 1.3 session renegotiation part? :)
finallllly..... thanks for this
@PracticalNetworking
Жыл бұрын
You're welcome =)
Thanks
Great video, doesn't the quic protcol also reduce the round trip?
Thank you
@PracticalNetworking
Жыл бұрын
*Congratulations* ! You're one of the 2 winners for this video. 1. Reach out to me on Discord: pracnet.net/discord 2. I'll ask you to do a quick verification 3. then I'll give you a discount code for free access to the course.
YOUR UNDERATEDED KZread CHANNLE
better than my professor at Tech-Uni.
Hey Eddie, awesome video. Can you make one where you explain DTLS and its difference to TLS please?
@PracticalNetworking
Жыл бұрын
For the most part, it's the same as TLS, except over UDP. The messages / exchange / security, all is the same, except done over UDP instead of TCP.
Hi, thanks for your sharing. In TLS 1.2 handshake, the "gray glomy text" "Finished" is encrypted or decrypted? For advice. Thanks.
Sir, make vedios on data flow via cache,Ram, rom and secondary memory. And also via registers.
Hi, in TLS 1.3 handshake, the "gray glomy text" "Finished" below the purple line is encrypted or decrypted? Thanks.
Any update on TLS 1.3 Key schedule course?
Nice explanation, can we expect anything on IPSec?
@PracticalNetworking
11 ай бұрын
It will be the next thing I release to the channel. Hopefully towards the end of the month / beginning sept.
Sir can you please make full video series of how to tell ma’am NOT to redeem?
I guess we can encrypt the hello message with the server public key stored in certificate but we should be able to fetch it prior somehow
@PracticalNetworking
11 ай бұрын
That would involve Asymmetric Encryption, which isn't suited for encrypting bulk data (which the Client Hello would be counted as). More details here: kzread.info/dash/bejne/k3d4yaiBYcyYcpM.html
TLS 1.3 client hello is with many other information like all guessed cipher suites key shares. Are you going to cover that in a new video?
@PracticalNetworking
10 ай бұрын
It's covered in my course on TLS =). pracnet.net/tls
Can u do a video on DMARC ,DKIM
handshake
I'm a geography
Also make vedios on internet, ethernet,virus, malware etc.
Thanks