SoylentNews is people

posted by martyb on Wednesday July 17 2019, @12:34AM
from the heat-death-of-the-universe-to-break,-or-maybe-five-years dept.

One year ago the IETF published TLS 1.3 in RFC 8446. Here is what is different from previous versions.

TLS 1.3 is the seventh iteration of the SSL/TLS protocol, having been preceded by SSL 1.0, SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2.

TLS 1.2 has been serving the internet faithfully for a decade now, yet nearly 25% of the Alexa Top 100,000 still doesn't support it. That's problematic, because making the jump from TLS 1.2 to TLS 1.3 is already a fairly large change. Upgrading from even older protocols will require even more configuration.

Now, that's not to imply upgrading is prohibitively difficult, it's more to illustrate that one of the biggest challenges that's going to face TLS 1.3, at least for the next year or so, is the rate of adoption.

As of the end of last year, just over 17% of the Alexa Top 100,000 supported TLS 1.3.

Here are the primary differences between TLS 1.3 and prior versions:

- Eliminates support for outmoded algorithms and ciphers
- Eliminates RSA key exchange, mandates Perfect Forward Secrecy
- Reduces the number of negotiations in the handshake
- Reduces the number of algorithms in a cipher suite to 2
- Eliminates block mode ciphers and mandates AEAD bulk encryption
- Uses HKDF cryptographic extraction and key derivation
- Offers 1-RTT mode and Zero Round Trip Resumption
- Signs the entire handshake, an improvement over TLS 1.2
- Supports additional elliptic curves

In short, TLS 1.3 is faster to establish, faster to reestablish, streamlined throughout, and more secure than previous versions of SSL and TLS.

Most popular browser clients already support TLS 1.3. Server library versions supporting TLS 1.3 include:

- OpenSSL 1.1.1
- GnuTLS 3.5.x
- Google's BoringSSL (current)
- Facebook's Fizz (current)

What's in your server?
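
Two items on the list above (no RSA key exchange, AEAD-only bulk encryption) can be enforced and checked on a server that still offers TLS 1.2. The following is an added example, not part of the original article: it uses Python's standard `ssl` module to build a server context limited to TLS 1.2 and 1.3 with forward-secret AEAD suites, then audits a suite list against those two items. The function names and the `LEGACY_SAMPLE` entries are constructed for illustration.

```python
import ssl

def hardened_server_context():
    """Server context: TLS 1.2 and 1.3 only, ECDHE key exchange, AEAD ciphers."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuses SSL 3.0, TLS 1.0, TLS 1.1
    # OpenSSL cipher string; it governs TLS 1.2 and below. TLS 1.3 suites are
    # managed separately by OpenSSL and are AEAD-only by design.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx

def audit_suites(suites):
    """Map suite name -> list of problems for suites that TLS 1.3 dropped.

    `suites` is a list of dicts shaped like SSLContext.get_ciphers() output.
    """
    findings = {}
    for s in suites:
        if s["protocol"] == "TLSv1.3":
            continue  # TLS 1.3 suites carry no key-exchange or CBC choice
        problems = []
        if not s["kea"].startswith(("kx-ecdhe", "kx-dhe")):
            problems.append("no forward secrecy")
        if not s["aead"]:
            problems.append("not AEAD")
        if problems:
            findings[s["name"]] = problems
    return findings

# Constructed sample: what a legacy server configuration might report.
LEGACY_SAMPLE = [
    {"name": "AES128-SHA", "protocol": "SSLv3", "kea": "kx-rsa", "aead": False},
    {"name": "ECDHE-RSA-AES128-SHA", "protocol": "TLSv1",
     "kea": "kx-ecdhe", "aead": False},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "protocol": "TLSv1.2",
     "kea": "kx-ecdhe", "aead": True},
    {"name": "TLS_AES_128_GCM_SHA256", "protocol": "TLSv1.3",
     "kea": "kx-any", "aead": True},
]

if __name__ == "__main__":
    ctx = hardened_server_context()
    for s in ctx.get_ciphers():
        print(s["protocol"], s["name"])
    print("hardened findings:", audit_suites(ctx.get_ciphers()))
    print("legacy findings:  ", audit_suites(LEGACY_SAMPLE))
```

Running `audit_suites()` on the `get_ciphers()` output of a production context gives a quick regression check after a library or configuration change.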


This discussion has been archived. No new comments can be posted.
  • (Score: 2) by The Shire on Wednesday July 17 2019, @01:08PM (8 children)

    by The Shire (5824) on Wednesday July 17 2019, @01:08PM (#867973)

    TLS 1.2 isn't going anywhere soon - all of the systems under my control support both 1.2 and 1.3 (1.0 and 1.1 are ancient history). I also limit TLS 1.2 to the latest ciphers supporting perfect forward secrecy and the only systems that can't connect are those using Safari 8 or earlier, Windows Phone 8.0 or earlier, or Android versions earlier than 4.4.2. Basically, if you can't connect to any of my services it's probably because you're running crap so old I really don't want to talk to you anyway :P

  • (Score: 2) by FatPhil on Wednesday July 17 2019, @05:06PM (7 children)

    by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Wednesday July 17 2019, @05:06PM (#868082) Homepage
    Is there a way of finding out what versions of SSL/TLS and cyphers my phone supports? Some website that will report back what it was capable of handshaking with me. A quick google search yielded nothing useful. All I know is that its window on the internet is shrinking seemingly day by day. The most annoying thing is where sites, in order to protect me (they are there to serve me in theory, so it must be for my benefit), show me absolutely nothing rather than just falling back to showing me static content on HTTP. 99% of the time, I don't trust them anyway, why should I have to go through the charade of pretending to something in secret?
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    • (Score: 2) by The Shire on Wednesday July 17 2019, @07:40PM (5 children)

      by The Shire (5824) on Wednesday July 17 2019, @07:40PM (#868178)

      Assuming you're trying to connect to a server that is locked down to TLS 1.2 and TLS 1.3 using only the latest secure ciphers these are the minimum phone configurations that will work:

      Android 4.4.2
      Safari 9 / iOS 9
      IE11 / Windows Phone 8.1U

      If the destination server allows for some of the older less secure ciphers then obviously older phone configs will work. I don't know of anyone who has plans to lock their systems down to TLS 1.3 exclusively so these specifications should hold true for the foreseeable future.

      • (Score: 2) by FatPhil on Thursday July 18 2019, @09:06AM (4 children)

        by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Thursday July 18 2019, @09:06AM (#868420) Homepage
        Alas, I'm on Maemo...
        --
        Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
        • (Score: 2) by The Shire on Thursday July 18 2019, @01:47PM (3 children)

          by The Shire (5824) on Thursday July 18 2019, @01:47PM (#868499)

          Maemo, which died almost a decade ago in favor of MeeGo, which died 7 years ago in favor of Tizen, and forked to Mer.

          It sounds like you've gotten all the value you're going to get out of that one - maybe it's time to buy something a tiny bit newer.

          • (Score: 2) by FatPhil on Friday July 19 2019, @08:33PM (2 children)

            by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Friday July 19 2019, @08:33PM (#869158) Homepage
            Got any suggestions for a phone which will give me full access to the hardware, and the ability to install stock debian packages? And which has a hardware keyboard? And has 7 days battery life?
            --
            Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
            • (Score: 2) by The Shire on Saturday July 20 2019, @02:25AM

              by The Shire (5824) on Saturday July 20 2019, @02:25AM (#869253)

              Depends on how tech savvy you are. If I needed a device like that I would make my own, probably out of a Raspberry Pi 4 with a cellular modem "hat" and running Raspbian which is basically Debian 10 Buster. It would be terribly bulky, especially with an extended battery, but it would work and you would have full access to the hardware and most stock debian packages. It would double as an almost pocket sized portable desktop as well.

            • (Score: 3, Funny) by The Shire on Saturday July 20 2019, @02:29AM

              by The Shire (5824) on Saturday July 20 2019, @02:29AM (#869254)
    • (Score: 0) by Anonymous Coward on Thursday July 18 2019, @01:19AM

      by Anonymous Coward on Thursday July 18 2019, @01:19AM (#868308)