Hey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

TLS 1.3 is out! posted August 2018

TLS 1.3 has been released as RFC 8446. It took 28 drafts and more than 4 years since draft 0 to come out. Cloudflare has a long blog post about it. Some questions about the deployment of 1.3:

Will we see a fast deployment of the protocol? It seems like browsers are ready, but web servers will have to follow.
Who will use 0-RTT? I'm expecting the big players to use it (largely because they've been requesting it) but what about the small ones?
Are we going to see vulnerabilities in the protocol? It seems highly unlikely, TLS 1.2 itself (with AES-GCM) has remained solid for more than 10 years.
Are we going to see vulnerabilities in the implementations? We will see about that. If anything happens, I'm expecting it to happen around 0-RTT, PSKs and key exports. But let's hope that libraries have learned their lessons.
Is BearSSL going to implement TLS 1.3? It sounds like it.

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Here are some random popular articles:

Here are some random recent articles:

TLS 1.3 is out! posted August 2018

Comments