TLS 1.3 Is Coming: Here's What You Need To Know To Be Prepared For It

[erek]

Security is important.

"The TLS 1.3 update provides better enhancements over TLS 1.2 and is defined in the IETF RFC 8446. TLS 1.2 was defined in RFC 5246 and has been implemented for the last eight years by most mainstream browsers. TLS 1.2, like other iterations, permits older encryption methods to be used to accommodate older computer systems. Exposing the protocol to numerous weaknesses, such as man-in-the-middle attacks, leaves it susceptible to DROWN, SLOTH and POODLE attacks."

https://www.forbes.com/sites/forbes...d-to-know-to-be-prepared-for-it/#57b7ddbc58af

 

[Mega6]

My version 69.0.1 this was already set at 4

Enable TLS 1.3 in Firefox

• Search for about:config in the address bar and press enter.
• In the search space, search for tls.version.max.
• Now change the value from 3 to 4.
• Restart your Firefox.
• Click on the padlock in the URL bar.
• Now you should see a small pop-up citing the connection to be secure

 

[toast0]

TLS 1.3 support in OpenSSL was released in September 2018, and IIRC the open source browsers already supported it back then. The RFC was finalized August 2018. You should support it if you can, it's a meaningful upgrade.

 

[JAB Creations]

For fellow webmasters you can choose which ciphers to discard, here is an example via Immuni Web. There are other tools like SSL Labs which it's always good to have multiple perspectives. I don't know about cPanel though you can use their WHM (if you have root I believe) to remove less secure ciphers. A bit of a pain though worth it. It's important to validate more than just one's HTML. I'm still waiting for cPanel to add proper support for TLS 1.3 (they may have finished in the past couple of weeks, not sure).

There are other web hosting control panel software packages out there. When it comes to this type of security you really need to have higher levels of access to be able to make effective changes.