6.4 TLS overview The main task of the TLS protocol is to create a secure communication channel between two parties: server Alice and client Bob. The only thing that RFC 8446 assumes is a reliable, in-order data stream on the underlying transport layer. The two most widely used transport layer protocols are the Transport Control…
6.5.2 A typical TLS 1.2 connection The following figure shows the interplay of the TLS subprotocols in a typical TLS connection until TLS 1.2. The TLS 1.3 handshake is much more compact by eliminating one entire roundtrip from the earlier version. Figure 6.5: Overview of a typical TLS message flow without client authentication (up to…
6.5.3 Session resumption Establishing the value of the PreMasterSecret is computationally the most expensive part of the handshake because it involves public-key cryptography. TLS therefore includes a session resumption mechanism, where a client and server can reuse an already established session, including the cipher suite and the MasterSecret derived from PreMasterSecret. The client initiates the…
6.6.4 Zero round-trip time mode If two TLS endpoints share a secret key, TLS 1.3 allows them to communicate over a secure channel right from the start. This is referred to as 0-RTT, a zero round-trip time mode added in TLS 1.3 to save one round trip for the application data during the initial handshake,…
