I always hear that when the TLS protocol is used between a client and a server then everything is secure to exchange data in between the two !I would like to stress a little bit this assumption in particular in the context of the IoT where billions of devices connect to the cloud.Indeed if we make abstraction of the way keys and sensitive secrets are generated and used on both sides the protocol is hopefully secure (version TLS 1.3 is the latest one) but we obviously need to consider the handshake part of the TLS protocol during which authentication and secrets sharing are performed.
[
add
]
[
|
|
...
]