TLS 1.3 Version is Coming in Force in April 2017

tls version

Transport Layer Security (TLS) and its forerunner SSL (secure socket layer) are both cryptographic protocols that provide secure communication over the network. Earlier, SSL3.0 was deprecated in June 2015 and TLS has already made its ground in the online security world.

TLS has the main version of TLS1.0, 1.1, 1.2 and finally, the news came for TLS 1.3. Yes, TLS 1.3 is going to release in April 2017. If you go through the difference between TLS 1.3 and its other versions then it is a great leap in the SSL industry.

About TLS 1.3:

The IETF (Internet Engineering Task Force) is a standard organization that has been developing SSL and TLS versions since the 1990 year. The IETF has developed TLS 1.3 and they have almost done their task for this new version.

However, the code writing is still in process and of course, TLS libraries have to be updated with modern coding. There should be major differences in this new version and a few of them should be as under.

What is New in TLS 1.3?

  • Removal support of weak and lesser-used named elliptic curves
  • Assimilating session hash usage
  • Remove MD5 and SHA-224 cryptographic hash functions support
  • Forbidding SSL or RC4 negotiation for backward compatibility
  • Use of forwarding Secrecy (PFS)
  • Use of strong ciphers AES256-GCM and CHACHA20_POLY1305
  • Remove the entire network round trip in case of reconnecting to the server
  • No common key and each key will be distinctly protected
  • Single packet exchange instead of three or more packets

OpenSSL and TLS 1.3:

Moreover, there are many platforms like OpenSSL and other libraries that have not updated to the latest TLS version, so websites run on the OpenSSL library is still do not have the advantage of TLS 1.3.

OpenSSL has released the date of integration of TLS 1.3 around April 5 2017 with its 1.1.1 version. OpenSSL has also sponsored TLS 1.3 development in OpenSSL. Cloudflare is already using TLS1.3 so sites using Cloudflare is already have TLS 1.3 version.

Chrome Canary and Firefox Nightly have features to enable TLS 1.3 before its arrival. There are millions of websites that need to update their OpenSSL version before implementing a new TLS version.

At present, OpenSSL 1.1.0 is in use so, websites can update the version to 1.1.0 and once the new OpenSSL version is there, they can move to the new version with TLS 1.3.

With the arrival of TLS 1.3, the website will have strong security over the web with new enhanced features and it would be a great leap for the cyber world. Currently, IETF hackathons (A meeting where people work together on computer programming tasks) include Mozilla’s NSS (used in Firefox), Facebook server named Fizz, Google’s Boring SSL, and Cloudflare.

Related Posts:

overall satisfaction rating
3932 reviews
from actual customers at
Easy, low cost, no frills, friendly round the clock chat support, quick turnaround times. What more can I ask for?
Eckehard W
I love the fact we can leave credit laying here and soak it up when we need to, it makes perfect sense for a team.
Keep up the good work!
Anonymous Customer
Assistance was ultimate. It will be more good if we can get call support or screensharing.
Manjunatha D