Geeks for your information
Microsoft enables TLS 1.3 by default in latest Windows 10 builds - Printable Version

+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Microsoft Windows News (https://www.geeks.fyi/forumdisplay.php?fid=32)
+--- Thread: Microsoft enables TLS 1.3 by default in latest Windows 10 builds (/showthread.php?tid=12574)



Microsoft enables TLS 1.3 by default in latest Windows 10 builds - silversurfer - 21 August 20

Quote:Microsoft says that TLS 1.3 will be enabled by default in all Windows 10 Insider Preview builds beginning with Build 20170 as the start of a wider rollout to all Windows 10 systems.
 
According to Microsoft, TLS 1.3 is also enabled by default in IIS/HTTP.SYS and it will be added to .NET starting with version 5.0.
 
The company recommends developers to start implementing TLS 1.3 within their services and apps, using the TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, and TLS_CHACHA20_POLY1305_SHA256 cipher suites supported by the Windows TLS stack.
 
"TLS 1.3 eliminates obsolete cryptographic algorithms, enhances security over older versions, and aims to encrypt as much of the handshake as possible," Microsoft said today.
 
TLS 1.3, the next major version of the Transport Layer Security protocol, was approved by the Internet Engineering Task Force (IETF) on March 21, 2018, following four years of discussions and 28 protocol drafts.
 
The TLS secure communication protocol is designed to protect client/server applications from eavesdropping, tampering, and message forgery while exchanging information over an Internet connection.
 
TLS 1.3 comes with several differences when compared to the TLS 1.2 protocol it deprecates, including:
  • Removes older encryption and hashing algorithms (such as MD5 and SHA-224) and adds harder to crack alternatives (such as ChaCha20, Poly1305, Ed25519, x25519, and x448).
  • Is a lot faster at negotiating the initial handshake between the client and the server, reducing the connection latency and removing the excuse of not supporting HTTPS because of lower browsing speeds.
  • Supports features like Zero Round Trip Time (0-RTT) and TLS False Start designed to also cut down the time needed to establish encryption handshakes with hosts to which the client has talked before.
  • Comes with downgrade attack protection that prevents an attacker from tricking a server into using older versions of the protocol, susceptible to known vulnerabilities.

Read more: https://www.bleepingcomputer.com/news/security/microsoft-enables-tls-13-by-default-in-latest-windows-10-builds/


RE: Microsoft enables TLS 1.3 by default in latest Windows 10 builds - harlan4096 - 23 August 20

Additional Info: https://www.ghacks.net/2020/08/23/tls-1-3-enabled-by-default-in-latest-windows-10-builds/?fbclid=IwAR0T6SoRUhJTCSg_0cL9-N4onXFACU5TRKnUS9bweXMQZ2ebJ9Ujn46bmHI