▶ Interactive Lab

TLS 1.3 Handshake

1-RTT TLS 1.3 handshake with key share and encrypted application data.

TLS 1.3 cuts the handshake to 1 round-trip. Click to see the flow.

What you're seeing

In TLS 1.3 the client sends its key share in the first ClientHello. The server responds with ServerHello plus its own key share, its certificate (encrypted with the derived handshake key), and Finished. The client sends Finished and can immediately send encrypted application data: 1 round-trip total (vs 2 in TLS 1.2).
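Why the server can already encrypt its certificate: once both key shares are exchanged, each side runs the RFC 8446 section 7.1 key schedule over the same inputs. This is an added example, not code from the lab; the ClientHello/ServerHello bytes and the ECDHE shared secret are constructed placeholders, and SHA-256 with no PSK is assumed.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HLEN = HASH().digest_size

def hkdf_extract(salt, ikm):
    return hmac.new(salt, ikm, HASH).digest()

def hkdf_expand_label(secret, label, context, length):
    # HkdfLabel = uint16 length || len-prefixed "tls13 "+label || len-prefixed context
    full = b"tls13 " + label
    info = (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    out, block, counter = b"", b"", 1
    while len(out) < length:  # HKDF-Expand (RFC 5869)
        block = hmac.new(secret, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def derive_secret(secret, label, transcript):
    # The context is the hash of all handshake messages sent so far.
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HLEN)

def early_secret():
    # Full (non-resumed) handshake: the PSK input is all zeros.
    return hkdf_extract(bytes(HLEN), bytes(HLEN))

def handshake_traffic_secrets(ecdhe_shared, client_hello, server_hello):
    """Return (client, server) handshake traffic secrets after ServerHello."""
    derived = derive_secret(early_secret(), b"derived", b"")
    hs_secret = hkdf_extract(derived, ecdhe_shared)
    transcript = client_hello + server_hello
    return (derive_secret(hs_secret, b"c hs traffic", transcript),
            derive_secret(hs_secret, b"s hs traffic", transcript))

if __name__ == "__main__":
    # Constructed placeholders, not real handshake messages or a real ECDHE output.
    ch, sh, shared = b"ClientHello+key_share", b"ServerHello+key_share", bytes(range(32))
    client_view = handshake_traffic_secrets(shared, ch, sh)
    server_view = handshake_traffic_secrets(shared, ch, sh)
    print("both sides agree:", client_view == server_view)
    print("server handshake secret:", server_view[1].hex())
```

Because the transcript hash feeds every derivation, any change to ClientHello or ServerHello in transit gives the two sides different secrets and the Finished check fails.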

With session resumption, 0-RTT is possible: encrypted application data in the very first packet. That early data is replayable, so it is only safe for idempotent operations.

★ KEY TAKEAWAY
TLS 1.3 cuts the handshake to 1 RTT by sending the key share in ClientHello. That drops handshake latency by 50% vs TLS 1.2.
▶ WHAT TO TRY
  • Click Run to watch each step.
  • 0-RTT resumption (not shown) can encrypt the first packet, at the cost of replay risk.