Delaware, USA – March 26, 2018 – TLS 1.3 is approved by The Internet Engineering Task Force, eight years after the approval of the previous version of the standard. For four years, the IETF reviewed 28 drafts and selected the fastest and safest of them. TLS 1.3 uses new hashing and encryption algorithms, it also reduces the connection latency, which should facilitate the transition of an even larger number of companies to HTTPS. One of the key features of the new standard is protection from downgrade attacks, as well as general security boost – it seems uncrackable with known techniques and tools. The primary browsers will be the first to support the new protocol completely, but how fast network appliances will be able to switch to TLS 1.3 is still unknown, since many devices probably need to update the firmware.
In any case after the transition to the new version of the standard, the Internet will become a slightly more secure place, and the acceleration of the initial handshake between the client and the server will allow more sites to migrate from HTTP to HTTPS. For continuous monitoring of the security status and a holistic view of your certificates, you can use SSL Framework package from Threat Detection Marketplace, which analyzes internal and external network communications to alert SIEM administrator on any vulnerabilities in TLS digital certificates and their proper implementation.