It's time to upgrade to TLS 1.3 already, says CDN engineer

If you haven't upgraded your website to use TLS 1.2 encryption yet, get ready to skip a step.

Businesses dragging their heels over rolling out TLS 1.2 on their website might have an excuse to delay a little longer: Version 1.3 of the TLS (Transport Layer Security) encryption protocol will be finalized later this year, and early deployments of it are already under way.

TLS, the successor to SSL, is used to negotiate secure connections to web or mail servers, encrypting data on the move.

Six years in the making, TLS 1.2 added new, stronger encryption options -- but retained all the older, weaker encryption schemes that had gone before in the name of backward compatibility. Unfortunately, this meant that someone able to perform a man-in-the-middle attack could often downgrade connections to a weaker encryption system without the user being aware.

It was also susceptible to a bunch of other attacks, including DROWN, SLOTH and POODLE. 

Such attacks are good reasons to upgrade to TLS 1.3, according to Filippo Valsorda, a systems and cryptography engineer who has deployed TLS 1.3 system at content delivery network Cloudflare.

"A number the vulnerabilities that came out in the last two years that affected TLS 1.2 wouldn't have affected TLS 1.3 because of changes to the protocol," he said at a meeting of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) in mid-June.

The designers of TLS 1.3 chose to abandon the legacy encryption systems that were causing security problems, keeping only the most robust. That simplicity is perhaps one of the reasons it will be ready in half the time it took to design its predecessor.

Connections will still fall back to TLS 1.2 if one end is not TLS 1.3-capable -- but if a MITM attacker attempts to force such a fallback, under TLS 1.3 it will be detected, Valsorda said.

Almost 93 percent of the websites in Alexa's top one million supported TLS 1.2 as of January, up from 89 percent six months earlier, according to a survey by Hubert Kario's Security Pitfalls blog. But seven percent of one million means a lot of websites are still running earlier and even less secure protocols.

Among the laggards are some sites you would hope to be on top of security: those taking online payments. Payment processors are still urging sites using their services to upgrade to secure versions of TLS before June 30, 2018, a deadline imposed by the Payment Cards Industry Security Standards Council.

So if you're still dithering over an upgrade from SSL or an early version of TLS to the latest thing, why not go straight to TLS 1.3?

There's no real reason not to, according to Valsorda.

"I think it is viable to do TLS 1.3 deployment now," he said.

Cloudflare said last September that it would offer users of its content delivery network early access to TLS 1.3.

Now, said Valsorda, "All the Cloudflare customers on the free plan have TLS 1.3 enabled by default and we haven't seen any problems."

Cloudflare tends to enable beta features such as this automatically for non-paying customers, allowing paying customers with larger or more complex networks to opt in when they are ready. To date, 3,000 domains have opted to turn on TLS 1.3, in addition to those for whom Cloudflare turned it on by default.

The few glitches Cloudflare did encounter turned out not to be at the server end, but on the client side.

A few organizations using security appliances to monitor their users' web-browsing habits found that connections to servers running TLS 1.3 were dropped without warning, blocking access to the sites concerned.

This issue occurred only in appliances that passively monitored connections without trying to insert themselves into the connection, Valsorda said. When they overheard an exchange they didn't understand -- such as the negotiation of a TLS 1.3 connection -- they would simply cut it off. The two or three models concerned have now been patched by their manufacturers, he said.

The process of testing for such glitches is still largely manual, Valsora said: An organization running such an appliance would need to take a TLS 1.3-compatible version of Google Chrome, enable TLS 1.3 in the settings (a process he described as "not super user-friendly") and then try to connect out to a TLS 1.3-enabled website such as Cloudflare.com.

"Maybe we should be working on how to enable better testing out of enterprises," he added.

So if you do decide to upgrade to TLS 1.3, what's in it for you?

Apart from its immunity to attacks on earlier versions, "TLS 1.3 has a huge performance benefit in terms of connection setup time," Valsorda said.

That's because negotiating the initial encrypted connection takes only one round-trip between client and server in TLS 1.3, compared to two round-trips in TLS 1.2. That can save several hundred milliseconds on a mobile internet connection, potentially halving the time to download some images, he said.

There's also an option called 0-RTT (zero round-trip time) within TLS 1.3 to resume a recently used connection without renegotiating the encryption, speeding things even more.

Few web servers and CDN services support TLS 1.3, still fewer the 0-RTT option for now. The website Is TLS fast yet? has a list. (Its answer, by the way, is "Yes.")

SSL and TLS aren't just for web servers, they are also used to encrypt connections to mail servers.

Janet Jones, co-chair of a M3AAWG group that aims to prevent the pervasive monitoring of communications, sees TLS 1.3 as key to securing email against interception.

"Some industries are going to love it from a security standpoint," she said.

On the other hand, wider usage of TLS 1.3 is not going to please governments wanting to conduct surveillance, or banks needing to comply with regulations to prevent collusion among traders. "They're not going to have the solutions to look at traffic and monitor it," she said.

But, she said, that's no reason to hold back on deployment of TLS 1.3.

"I would like to see more of our members doing deployments when this is released, or even prerelease."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Peter Sayer

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?