TLS 1.3

Security Glossary - SSL/TLS

Definition: TLS 1.3 is the latest version of the Transport Layer Security protocol, finalized in 2018 (RFC 8446). It removes support for legacy cryptographic algorithms, reduces the handshake to one round trip (from two in TLS 1.2), and supports 0-RTT session resumption for repeat connections.

The Essentials

  • Released in 2018 as RFC 8446
  • Reduces handshake to 1 round trip (from 2 in TLS 1.2)
  • Supports 0-RTT session resumption for repeat visitors
  • Removes all legacy cipher suites (RC4, 3DES, CBC mode)
  • Forward secrecy is mandatory, not optional

Why You Should Care About TLS 1.3

TLS 1.3 is a significant improvement over TLS 1.2 in both security and performance. It removed every cipher suite and mechanism with known weaknesses, including static RSA key exchange, CBC-mode ciphers, and SHA-1. Only modern AEAD cipher suites with forward secrecy remain, so there are fewer ways to misconfigure it insecurely.

The performance improvement from TLS 1.3 is meaningful for user experience. The one-round-trip handshake (compared to two in TLS 1.2) reduces connection setup time by roughly one network round trip, which is especially noticeable on high-latency mobile connections. The 0-RTT resumption feature allows repeat visitors to send data immediately, though it has replay attack considerations.

All major browsers and web servers support TLS 1.3. Enabling it alongside TLS 1.2 provides the best balance of security and compatibility. There is no reason not to enable TLS 1.3 - it is strictly better than earlier versions in both security and performance, and falls back gracefully for clients that only support TLS 1.2.

How to Verify

Run an SSL checker to see if your server supports TLS 1.3. The tool will list all supported protocol versions. If TLS 1.3 is not listed, check your web server and OpenSSL version - you may need to update to a version that supports it.
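The check above can also be done from the command line. The script below is an added example, not DomainOptic's checker: it pins a TLS client to exactly one protocol version at a time (TLS 1.2, then TLS 1.3) and reports which of them the server negotiates. The `negotiate` and `probe` function names are assumptions; certificate validation is left on.

```python
"""Probe which TLS protocol versions a server negotiates (TLS 1.2 / 1.3).

Hypothetical helper written for this glossary entry; it reproduces what an
online SSL checker reports for protocol support, nothing more.
"""
import socket
import ssl
from typing import Callable, Optional

VERSIONS = {
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}


def negotiate(host: str, port: int, version: ssl.TLSVersion,
              timeout: float = 5.0) -> Optional[str]:
    """Attempt one handshake pinned to a single protocol version.

    Returns the negotiated version string (e.g. "TLSv1.3") on success, or None
    when the server (or a middlebox in the path) refuses that version.
    Certificate validation stays enabled: a probe should not teach anyone to
    ignore trust errors.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = version
    ctx.maximum_version = version
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.version()
    except (ssl.SSLError, OSError):
        return None


def probe(host: str, port: int = 443,
          connect: Callable[..., Optional[str]] = negotiate) -> dict:
    """Return per-version support plus a verdict matching the guidance above.

    `connect` is injectable so the verdict logic can be exercised offline.
    """
    results = {name: connect(host, port, ver) is not None
               for name, ver in VERSIONS.items()}
    if results["TLSv1.3"] and results["TLSv1.2"]:
        verdict = "ok: TLS 1.3 enabled, TLS 1.2 kept for older clients"
    elif results["TLSv1.3"]:
        verdict = "ok: TLS 1.3 only (legacy clients and some proxies will fail)"
    elif results["TLSv1.2"]:
        verdict = "update: TLS 1.3 not offered; check web server and OpenSSL version"
    else:
        verdict = "error: neither TLS 1.2 nor TLS 1.3 negotiated"
    return {"versions": results, "verdict": verdict}


if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "example.com"))
```

Run it as `python probe.py your-host.example`; a server that answers only the TLS 1.2 probe gets the "update" verdict the paragraph above describes.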

Lessons From the Field

Cloudflare reported that enabling TLS 1.3 across their network reduced connection setup time by 33% for new connections. For repeat visitors using 0-RTT resumption, the improvement was even larger, with the TLS handshake adding effectively zero latency to page loads.

Questions and Answers

Do I still need TLS 1.2 if I enable TLS 1.3?

Yes, for now. Some older clients and corporate proxies do not support TLS 1.3 yet. Running both TLS 1.2 and 1.3 provides the best compatibility while giving modern clients the performance and security benefits of 1.3.

Is 0-RTT in TLS 1.3 safe to enable?

0-RTT data is vulnerable to replay attacks because it is sent before the handshake completes. It should only be used for idempotent requests (like GET) and should not be used for state-changing operations. Most web servers handle this correctly by default.

Disclaimer: DomainOptic provides automated informational scans only. Results do not constitute professional security advice, compliance certification, or a guarantee of security. Always verify findings independently.