The common browsers like firefox, requires you to navigate the about:config and search for the tls security settings and set the max version to "4". Other browsers are similar to some degree of fashion.
example:
Now validate using mail.google.com ( yes google is tls v1.3 supported )
vrs 1.2
If you mistakenly set the TLS v1.3 support , and with no fallback, you will start seeing the following connection errors for know operative websites.
So what's all the TALK about tls v1.3 ?
A Simpilifed handshake that speeds up the delivery of the 1st byte sent for a website. So speed is one major change.
2: Improvement over all and with ciphers from tls v1.2
https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3_.28draft.29
So what the major issues that can come up ?
- it very new and needs experimentation and trials by the internet community to become comfortable with
- must existing systems don't have support for it
- most management interface for IT gear has no awareness of TLS v1.3
- most IT support staff from the network to security engineer, has no working knowledge of TLS much less for the latest version
- Various SSL deep inspection hardware can break
- some forward proxies if not update will break
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment