You Can Start Using TLS 1.3 Today
 You Can Start Using TLS 1.3 Today
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...
October 26, 2016 Comments closed

You Can Start Using TLS 1.3 Today

in Everything Encryption

How to turn on TLS 1.3 in Chrome Canary and Firefox Nightly.

TLS 1.3 will be the first new version of the TLS protocol in eight years. It will bring huge advancements in performance and security.

And it’s almost here.

Currently, TLS 1.3 is still being drafted by the Internet Engineering Task Force (IETF), a standards body that has been designing new versions of the SSL/TLS protocol since the 90s. Just last week they published the 17th draft and it is expected that TLS 1.3 will have its “Last Call” – a final two-week review period – in the near future.

The foundation and cryptographic primitives of TLS 1.3 are already safe to use, even though it is a draft, because those functions are not drastically changing. A few major browsers and websites have already implemented the draft to get a head start. Mozilla is planning on enabling the draft version of TLS 1.3 by default in Version 52 of Firefox.

But you don’t have to wait for TLS 1.3 to be officially official before you start using it. If you use the test-bed versions of Chrome (Canary) or Firefox (Nightly) you can start using TLS 1.3 today. Just follow the instructions below.

Turn on TLS 1.3

In Chrome Canary:

If you do not already have Canary installed, download it.

  1. Go to chrome://flags
  2. Search the page (Ctrl + F) for “TLS”
  3. For the flag “Maximum TLS Version enabled,” change the setting to “TLS 1.3”
  4. At the bottom of the page click “Relaunch Now.”
  5. Open Developer Tools (Ctrl + Shift + I on Windows,
  6. Select the “Security” pane
  7. Visit https://blog.cloudflare.com/
  8. You should see “Secure Connection
  9. If you are still seeing TLS 1.2 listed, your browser may be caching data from a previous visit to Cloudflare.

In Firefox Nightly:

If you do not already have Nightly installed, download it (note that Nightly is different than the Aurora/Developer edition).

  1. Go to about:config and click “I accept ths risk!” if a notice appears.
  2. In the search bar at the top enter security.tls.version.max
  3. Double click the entry and change the value to 4
  4. Visit https://blog.cloudflare.com/
  5. Click the green padlock icon in the address bar.
  6. Click the right-facing arrow.
  7. Click “More Information”
  8. At the bottom of the pop up, there is a section named Technical Details. The first line in that section is bolded and lists the TLS connection settings. At the end of that line it should read “TLS 1.3.”
  9. If you are still seeing TLS 1.2 listed, your browser may be caching data from a previous visit to Cloudflare. Close the Page Info pop up and hold Shift while refreshing the page. Then follow steps 5-8 again.

Now TLS 1.3 is enabled in your browser! Any server that supports TLS 1.3 (a compatible draft version) can now negotiate it with your browser. Sites using Cloudflare have the option to enable TLS 1.3, so you may be seeing it more often than you think!

Author

Vincent Lynch

The SSL Store’s encryption expert makes even the most complex topics approachable and relatable.

Recent Posts

Follow Us

Free Ebooks

eBook
Email Spoofing Defense 101 (A 5-Step Guide)

Download Now

eBook
Certificate Lifecycle Management Best Practices Guide

Download Now

eBook
10 Code Signing Best Practices

Download Now