No video
TLS 1.3 Handshake - many CHANGES from prior versions!
Рет қаралды 15,943
Күн бұрынThe TLS 1.3 Handshake changes significantly from the TLS 1.2 (and prior) handshake. In this video we discuss 4 major changes to the TLS handshake with the latest version:
- TLS 1.3 Handshake is shorter, only one round trip (1RTT)
- TLS 1.3 Handshake is mostly encrypted (everything except the Client Hello and the Server Hello)
- TLS 1.3 Handshake encrypts the Client Certificate (as well as the Server Certificate)
- TLS 1.3 Handshake generates many more session keys
👉 This is a sample lesson from my SSL & TLS deep dive course: Practical TLS.
pracnet.net/tls
🔑 More free lessons from the course:
• Practical TLS - Free L...
🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. If your referral leads to live training engagement, I'll buy you an iPad (or tablet of similar value of your choice)
💬 Join Practical Networking Discord
pracnet.net/di...
00:00 - Review of TLS 1.2 (and prior) TLS Handshake
01:15 - Comparing TLS 1.3 Handshake and TLS 1.2 Handshake
02:46 - TLS 1.3 One Round Trip Handshake (1RTT) simply explained
05:48 - TLS 1.3 0RTT - Zero Round Trip Handshake
06:58 - TLS 1.3 encrypts most of the TLS Handshake
07:37 - ESNI, Encrypted SNI, Encrypted Server Name Indication
08:53 - ECH, Encrypted Client Hello
10:30 - TLS 1.3 encrypts the Client Certificate in Mutual TLS (MTLS)
12:42 - TLS 1.3 generates many more session keys
16:12 - Key Points - TLS 1.3 Changes to the TLS Handshake
16:45 - Want more? Check out Practical TLS - the BEST TLS training course ever created
#ssl #tls #cybersecurity
@PracticalNetworking Жыл бұрын
👉 *More free lessons:* kzbin.info/aero/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY ✨ *Full course:* pracnet.net/tls 💲 *Coupon Code* for 50% off: youtube50
@DWA86 Жыл бұрын
Giveaway comment, I love to learn networking from you, your video on subnetting under 60 second is truly amazing !!!!
@rochuolmos 11 ай бұрын
Ahhhhhhh, please never stop teaching!
@dragonbg6105 Жыл бұрын
You never disappoint. Im rarely as excited for watching a technical video as when I watch yours. Thank you!
@PracticalNetworking Жыл бұрын
;) You're very welcome!
@NitroBlaziken Жыл бұрын
Perfect way to end off this mini series! Very well explained easily digestible information that informs the viewer exactly what did change in TLS 1.3 and why it's important to learn it.
@user-fz7zr2vi7b Ай бұрын
very appreciate for your teaching
@MuhammadWaqas-zk2kp Жыл бұрын
Loving your way of teaching. ❤
@PracticalNetworking Жыл бұрын
@sreekumarj Жыл бұрын
Awesome video. Excited for the give away. Love your courses
@sagargokani9107 3 ай бұрын
Very Well Explain ❤
@andydufresne9387 Жыл бұрын
best tls course I've ever seen!
@PracticalNetworking Жыл бұрын
*Congratulations* ! You're one of the 2 winners for this video. 1. Reach out to me on Discord: pracnet.net/discord 2. I'll ask you to do a quick verification 3. then I'll give you a discount code for free access to the course.
@andydufresne9387 Жыл бұрын
@@PracticalNetworking thanks!
@vFoxArts 6 ай бұрын
Thank you Ed, exciting to see how long TLS 1.3 will evolve. Are you also going to release the TLS 1.3 session renegotiation part? :)
@renithtk81 6 ай бұрын
great way of teaching
@sudheerkp3508 Жыл бұрын
Thanks
@theomidtabei Жыл бұрын
Thank you
@PracticalNetworking Жыл бұрын
*Congratulations* ! You're one of the 2 winners for this video. 1. Reach out to me on Discord: pracnet.net/discord 2. I'll ask you to do a quick verification 3. then I'll give you a discount code for free access to the course.
@vlgermanov Жыл бұрын
Thanks for the video. As usual great and understandable explanation of the topics!
@Abdirahmaann Жыл бұрын
Good explanation Ed
@greob Жыл бұрын
I was not aware of these difference, very instructive!
@arielruiz8959 Жыл бұрын
Thanks for the update, I didn’t know
@ronykalasva Жыл бұрын
finallllly..... thanks for this
@PracticalNetworking Жыл бұрын
You're welcome =)
@apropo8868 Жыл бұрын
YOUR UNDERATEDED KZbin CHANNLE
@okashauwal8441 Жыл бұрын
This is brilliant
@franekfranek1127 Жыл бұрын
Thanks for the update
@parthaghosh9879 Жыл бұрын
Great lesson Ed
@majeedolaitan5388 Жыл бұрын
This is awesome! 🎉🎉🎉
@leqiaop1840 Жыл бұрын
better than my professor at Tech-Uni.
@alexanderjansen3952 Жыл бұрын
Hey Eddie, awesome video. Can you make one where you explain DTLS and its difference to TLS please?
@PracticalNetworking Жыл бұрын
For the most part, it's the same as TLS, except over UDP. The messages / exchange / security, all is the same, except done over UDP instead of TCP.
@safwanumer3997 Ай бұрын
Any update on TLS 1.3 Key schedule course?
@user-ss3bd8do5i 9 ай бұрын
Hi, thanks for your sharing. In TLS 1.2 handshake, the "gray glomy text" "Finished" is encrypted or decrypted? For advice. Thanks.
@user-ss3bd8do5i 9 ай бұрын
Hi, in TLS 1.3 handshake, the "gray glomy text" "Finished" below the purple line is encrypted or decrypted? Thanks.
@modedaniel5409 Жыл бұрын
Great content
@BernhardHustomo 9 күн бұрын
question: actually what port the TLS is using, i am kinda hv chicken and egg problem with HTTP/HTTPS and the TLS that encrypts the HTTP itself.. but u mentioned that not only HTTP is protected by TLS.. how about something like RADIUS when we are doing EAP-TLS or even the EAP-PEAP.. they still need to establish the TLS tunnel, but as per my understanding it is between client and the server, it does not protect the RADIUS protocol..
@muralikrishna-fr8oh Жыл бұрын
Nice explanation, can we expect anything on IPSec?
@PracticalNetworking Жыл бұрын
It will be the next thing I release to the channel. Hopefully towards the end of the month / beginning sept.
@padderhilal3502 11 ай бұрын
Sir, make vedios on data flow via cache,Ram, rom and secondary memory. And also via registers.
@TGUK9 Жыл бұрын
Great video, doesn't the quic protcol also reduce the round trip?
@R_Y_Z_E_N Жыл бұрын
Can u do a video on DMARC ,DKIM
@talesara74 Жыл бұрын
TLS 1.3 client hello is with many other information like all guessed cipher suites key shares. Are you going to cover that in a new video?
@PracticalNetworking 11 ай бұрын
It's covered in my course on TLS =). pracnet.net/tls
@MrTheAlexy Жыл бұрын
I guess we can encrypt the hello message with the server public key stored in certificate but we should be able to fetch it prior somehow
@PracticalNetworking Жыл бұрын
That would involve Asymmetric Encryption, which isn't suited for encrypting bulk data (which the Client Hello would be counted as). More details here: kzbin.info/www/bejne/l3SnmHl-Zs5leJI
@chittlingwhittles1198 Жыл бұрын
Sir can you please make full video series of how to tell ma’am NOT to redeem?
@andydufresne9387 Жыл бұрын
handshake
@muniaisworthit 11 ай бұрын
I'm a geography
@padderhilal3502 11 ай бұрын
Also make vedios on internet, ethernet,virus, malware etc.
@gvs75tx Жыл бұрын
Thanks
Practical Networking
Рет қаралды 113 М.
Practical Networking
Рет қаралды 247 М.