The Internet Engineering Task Force has released the final version of TLS, namely, version 1.3. This is groundbreaking news for the cybersecurity industry, as HTTPS, app, and web communications will become much safer because of it.
The latest version of TLS, dubbed RFC 8446, was released by IETF on Friday. CloudFlare engineers marked it as the first major protocol overhaul in years.
The previous version, 1.2, is now more than a decade old. Version 1.3, in comparison, is more secure, faster, and provides better performance when compared to its predecessor.
Given that this is a finished version, we should expect to see it deployed across browsers and websites pretty quickly. In 2016, CloudFlare made an effort to implement one of the early versions of 1.3, however, no major browser has done anything close until now. For example, Chrome and Firefox, did not have 1.3 enabled by default, so not a lot of traffic was protected by it.
Mozilla has made the announcement that TLS 1.3 is what you can expect to see from Firefox version 61 and onwards. CloudFlare and Mozilla both presented data suggesting that around 5% of users currently use 1.3.
IETF expects that the adoption of TLS 1.3 will be widespread and fast-paced.
In a statement, IETF mentioned that although version 1.2 can be deployed securely, there are some high profile vulnerabilities where outdated algorithms can be exploited. Version 1.3 provides an answer to the problem, and it’s much more secure because it only supports algorithms without any known vulnerabilities.