TLS 1.3 is out! posted August 2018

TLS 1.3 has been released as RFC 8446. It took 28 drafts and more than 4 years since draft 0 to come out. Cloudflare has a long blog post about it. Some questions about the deployment of 1.3:

• Will we see a fast deployment of the protocol? It seems like browsers are ready, but web servers will have to follow.
• Who will use 0-RTT? I'm expecting the big players to use it (largely because they've been requesting it) but what about the small ones?
• Are we going to see vulnerabilities in the protocol? It seems highly unlikely, TLS 1.2 itself (with AES-GCM) has remained solid for more than 10 years.
• Are we going to see vulnerabilities in the implementations? We will see about that. If anything happens, I'm expecting it to happen around 0-RTT, PSKs and key exports. But let's hope that libraries have learned their lessons.
• Is BearSSL going to implement TLS 1.3? It sounds like it.