List of revoked certificates — downloaded periodically by clients
OCSP
Online Certificate Status Protocol — real-time check if cert is revoked (faster than CRL)
OCSP Stapling
Server fetches OCSP response → staples to TLS handshake → client doesn’t need to contact CA
Cipher Suites
Component
TLS 1.2 Example
TLS 1.3
Key Exchange
ECDHE (Elliptic Curve Diffie-Hellman Ephemeral)
Always ECDHE (built-in)
Authentication
RSA or ECDSA (certificate signature)
RSA or ECDSA (separate from cipher suite)
Bulk Encryption
AES-128-GCM, AES-256-GCM, ChaCha20-Poly1305
Same: AES-128-GCM, AES-256-GCM, ChaCha20
Hash/MAC
SHA-256, SHA-384
SHA-256, SHA-384
TLS 1.3 Suites
–
Only 5 suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256
Removed in 1.3
RSA key exchange, CBC mode, RC4, 3DES, MD5, SHA-1
All weak/legacy algorithms eliminated
mTLS (Mutual TLS)
Feature
Standard TLS
mTLS
Server Auth
Yes — server presents certificate
Yes — server presents certificate
Client Auth
No — client is anonymous
Yes — client also presents certificate
Use Case
Web browsing, public APIs
Service-to-service (microservices), zero trust, API security
Implementation
Default TLS behavior
Both sides need certificates from same/trusted CA
Service Mesh
–
Istio, Linkerd auto-inject mTLS between all services
Certificate Pinning
Feature
Detail
What
Application stores expected certificate/public key → rejects any other cert even if valid CA-signed
Protects Against
Rogue CA, compromised CA, government-issued fake certs, corporate MITM proxies
HPKP (HTTP)
HTTP Public Key Pinning header — deprecated (too risky: pin wrong key = site unusable)
Mobile Apps
Common in banking/security apps — pin server cert in app code
Risk
Certificate rotation becomes critical — must update pins before cert expires or app breaks
Alternative
Certificate Transparency (CT) logs — public log of all issued certs, detect rogue certs
ทิ้งท้าย: TLS = Foundation of Internet Security
SSL/TLS Deep Dive TLS 1.3: 1-RTT handshake (vs 2-RTT in 1.2), 0-RTT resumption, ECDHE only, removed all weak ciphers Certificates: DV (free/basic), OV (org verified), EV (strict), wildcard, SAN — Let’s Encrypt = free DV PKI: Root CA → Intermediate CA → End-Entity, certificate chain validation, CRL/OCSP for revocation Cipher Suites: TLS 1.3 = only 5 strong suites (AES-GCM, ChaCha20), eliminated RSA key exchange, CBC, RC4 mTLS: both sides authenticate — microservices, zero trust, service mesh (Istio/Linkerd) auto-injects Pinning: app stores expected cert/key — protects against rogue CA, common in mobile banking apps Key: TLS 1.3 + strong cipher suites + proper certificate management = secure internet communication
