TLS 1.3 (Transport Layer Security, RFC 8446, 2018) is the current standard for encrypting data in transit. The TLS handshake authenticates the server (and optionally the client, in mTLS) via an X.509 certificate chain, negotiates a cipher suite, and establishes session keys with an ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) key exchange, which provides perfect forward secrecy. TLS 1.3 reduced the full handshake to 1 RTT (vs 2 RTT in TLS 1.2) and removed weak cipher suites and the legacy algorithms behind them (RC4, 3DES, MD5, SHA-1).

Key Points

  • TLS certificate chain: Leaf cert (domain) → Intermediate CA → Root CA; browsers trust Root CAs from their trust store (Mozilla NSS, Apple, Microsoft, Google) — the server must send the intermediate CA certificates in the handshake, since clients ship only the roots.
  • Perfect Forward Secrecy (PFS): ECDHE generates a fresh ephemeral key pair per session — even if the server's long-term private key is compromised, past sessions cannot be decrypted.
  • TLS 1.3 cipher suites (only 5 allowed): TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256.
  • mTLS (mutual TLS): both client and server present X.509 certificates — used for service-to-service authentication in microservices (Istio mTLS, AWS API Gateway mTLS), zero-trust networks.
  • HSTS (HTTP Strict Transport Security): `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload` instructs browsers to never connect via HTTP for 1 year — prevents protocol downgrade attacks.
  • Certificate transparency (CT) logs (RFC 6962): all publicly trusted CAs must submit issued certificates to CT logs — enables detection of mis-issued or fraudulent certificates within minutes.
  • Certificate rotation: automate with AWS ACM (auto-renews 60 days before expiry), Let's Encrypt + certbot/cert-manager (90-day certs, auto-renewed at 60 days), or Vault PKI with short-lived certs.
  • SNI (Server Name Indication): TLS extension allowing a server to host multiple domains on one IP — the client sends the target hostname in the ClientHello before the certificate is sent.
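The SNI and cipher-suite points above in wire form, as an added example that is not part of the original page: a small Python parser that extracts the SNI, the offered cipher suites and the supported_versions extension from a TLS ClientHello record, the metadata a TLS-inspecting proxy or IDS logs before any certificate is sent. `build_client_hello` is a hypothetical helper that constructs the sample input; the parser assumes a single, unfragmented record with the extensions laid out as RFC 8446 defines.

```python
import struct

# The five TLS 1.3 cipher suites defined in RFC 8446 (IANA code point -> name).
TLS13_SUITES = {0x1301: "TLS_AES_128_GCM_SHA256", 0x1302: "TLS_AES_256_GCM_SHA384",
                0x1303: "TLS_CHACHA20_POLY1305_SHA256", 0x1304: "TLS_AES_128_CCM_SHA256",
                0x1305: "TLS_AES_128_CCM_8_SHA256"}

def build_client_hello(hostname, suites, versions):
    """Hypothetical helper: build a minimal, well-formed ClientHello record as constructed sample input."""
    sni_entry = b"\x00" + struct.pack("!H", len(hostname)) + hostname.encode("ascii")
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    sv_body = bytes([2 * len(versions)]) + b"".join(struct.pack("!H", v) for v in versions)
    exts = (struct.pack("!HH", 0, len(sni_list)) + sni_list        # server_name (type 0)
            + struct.pack("!HH", 43, len(sv_body)) + sv_body)      # supported_versions (type 43)
    hello = (b"\x03\x03" + b"\x11" * 32 + b"\x00"                  # legacy_version, fixed random, empty session_id
             + struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
             + b"\x01\x00"                                         # compression_methods: null only
             + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello    # HandshakeType client_hello(1)
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # ContentType handshake(22)

def parse_client_hello(record):
    """Return the SNI, offered cipher suites and supported_versions found in one ClientHello record."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    hello = record[9:9 + int.from_bytes(record[6:9], "big")]
    pos = 2 + 32                                   # skip legacy_version and random
    pos += 1 + hello[pos]                          # skip legacy_session_id
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]; pos += 2
    suites = [struct.unpack("!H", hello[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + hello[pos]                          # skip legacy_compression_methods
    info = {"sni": None, "cipher_suites": suites, "supported_versions": []}
    if pos >= len(hello):                          # no extensions at all: a pre-1.3 client
        return info
    ext_end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]; pos += 2
    while pos + 4 <= ext_end:
        ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4]); pos += 4
        data = hello[pos:pos + ext_len]; pos += ext_len
        if ext_type == 0 and data[2] == 0:         # server_name list, NameType host_name(0)
            name_len = struct.unpack("!H", data[3:5])[0]
            info["sni"] = data[5:5 + name_len].decode("ascii")
        elif ext_type == 43:                       # supported_versions: 1-byte length, 2-byte versions
            info["supported_versions"] = [struct.unpack("!H", data[i:i + 2])[0]
                                          for i in range(1, 1 + data[0], 2)]
    return info

def tls13_capable(info):
    """True if the client offers TLS 1.3 (0x0304) together with at least one RFC 8446 suite."""
    return 0x0304 in info["supported_versions"] and any(s in TLS13_SUITES for s in info["cipher_suites"])
```

A client that offers only 0x0303 in supported_versions, or none of the five RFC 8446 suites, is reported as not TLS 1.3 capable, which is the case a server configured with a TLS 1.3 minimum will reject.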

Real-World Example

Google's BeyondCorp enterprise security model uses mTLS client certificates on all employee devices to authenticate to internal services — replacing VPN-based perimeter security with per-request certificate-based identity verification.