# TLS Handshake Overview

One-sentence definition: Protocol steps to authenticate peers and agree on keys/ciphers for secure sessions.

## Key Facts

- TLS 1.3: fewer round trips, only AEAD ciphers, PFS by default (ECDHE).
- Server authentication via X.509 cert; optional client auth (mTLS).
- Key schedule derives traffic keys from ephemeral secrets and nonces.
- Extensions: SNI, OCSP stapling, ALPN; session resumption via tickets.
- Weak suites/versions (SSL, TLS 1.0/1.1) deprecated; avoid RSA key exchange.
- **Verify:** check official (ISC)² CBK and current exam outline.

## Exam Relevance

- Identify setting to enforce PFS and reduce handshake overhead.

**Mnemonic:** “**Auth → Agree → Apply**.”

## Mini Scenario

Q: Need client identity at transport layer—what to add?

A: mTLS with client certificates.

## Revision Checklist

- TLS 1.3 advantages.
- Role of ECDHE in PFS.
- Purpose of OCSP stapling.

## Related

[[Perfect Forward Secrecy (PFS)]] · [[Certificates, Revocation, and Pinning]] · [[Public Key Infrastructure (PKI) Components]] · [[Block Cipher Modes (ECB, CBC, CTR, GCM)]] · [[Diffie-Hellman Key Exchange]] · [[Domain 3 - Index]]