Most Of The World Will Have Access To TLS 1.3 On April 5th
OpenSSL TLS 1.3 will release in April.
We have been talking about TLS 1.3 for a while. It is the first new version of the TLS protocol in nearly a decade and is going to be a huge leap forward for the industry. It is sort of like releasing a decade’s worth of advances and improvements in cryptography all at once.
The IETF (Internet Engineering Task Force) is in charge of designing the TLS protocol. They have almost finished version 1.3’s protocol specification – which is currently in “Last Call,” meaning that they are soliciting final comments from the community before officially stamping it as complete.
But the TLS 1.3 protocol specification only tells you how TLS 1.3 should work. It’s essentially a manual that anyone who wants to implement TLS 1.3 needs to follow. Which means that “finishing” the protocol does not get us any closer to actually using it. The code still needs to be written, and existing TLS libraries need to be updated and deployed.
There have been some early adopters of TLS 1.3. Cloudflare is already using the protocol despite it not being officially finalized, and some libraries have already been updated. However, the most widely used TLS library, OpenSSL, has not.
This means that most websites won’t be able to use TLS 1.3 until OpenSSL adds support, regardless of when the IETF finalizes the spec. There had been some speculation that this could take more than 6 months.
But Rich Salz recently shared good news about TLS 1.3 support in OpenSSL. Salz works on the OpenSSL development team and is an employee at Akamai (a major CDN/Cloud-computing provider). Last week he announced that Akamai would be sponsoring the development of TLS 1.3 support for OpenSSL. As an open-source project, OpenSSL relies on donations and sponsorships to support continued development.
In addition, the OpenSSL team has committed to a release date. TLS 1.3 will be added to OpenSSL 1.1.1, which will be released on April 5th, 2017.
When OpenSSL 1.1.1 releases in April, the internet won’t magically flip over to TLS 1.3 overnight. The millions of websites using OpenSSL will first need to update to the new version. For those working with more complicated stacks, major version updates are no small feat.
But the good news is that OpenSSL 1.1.1 will be fully compatible with the current release, 1.1.0. That’s why Salz recommends that you get version 1.1.0 in place now, and when 1.1.1 is released, you can “drop it in” and immediately have TLS 1.3 support.
The industry has been buzzing recently about the adoption of TLS 1.3. This announcement from OpenSSL and Akamai is a major step in making that a reality.