/OpenSSL alpha with TLS 1.3 included

OpenSSL alpha with TLS 1.3 included

TLS 1.3 have been included into OpenSSL alpha so that the developer can proceed with their system and infrastructure.

People have waited this to be working into place since April 2014 where the first version of draft for the TLS 1.3 to be release. OpenSSL developer have mention that the OpenSSL Version 1.1.1 have been release to replace the current version of OpenSSL which is 1.1.0

Wait!

The developer should be aware that this is still in Alpha Version after all. However, the big improvement is that TLS 1.3 will take down on all of the old cryptographic algorithms that been configure for the TLS 1.2 where it will not allowed the developer to configure it into an Operational System.

Cloudflare have stated on their website here that all the vast of list for the potential loophole that related to TLS will erased forever in the new TLS version. Those potential attack are such as

  • RSA key Transport
  • CBC mode ciphers (BEAST and Lucky 13)
  • RC4 Stream Cipher
  • SHA-1 hash function
  • Arbitrary Diffe-Hellman group (CVE-2016-0701)
  • Other Export Cipher ( FREAK and Logjam)

source: Cloudflare : Introducing TLS 1.3 and OpenSSL announcement