Slashdot Mirror


IETF Approves TLS 1.3 As Internet Standard (bleepingcomputer.com)

An anonymous reader writes: The Internet Engineering Task Force (IETF), the organization that approves proposed Internet standards and protocols, has formally approved TLS 1.3 as the next major version of the Transport Layer Security (TLS) protocol. The decision comes after four years of discussions and 28 protocol drafts, with the 28th being selected as the final version. TLS 1.3 is now expected to become the standard method in which a client and server establish an encrypted communications channel across the Internet -- aka HTTPS connections.

The protocol has several advantages over its previous version -- TLS 1.2. The biggest feature is that TLS 1.3 ditches older encryption and hashing algorithms (such as MD5 and SHA-224) for newer and harder to crack alternatives (such as ChaCha20, Poly1305, Ed25519, x25519, and x448). Second, TLS 1.3 is also much faster at negotiating the initial handshake between the client and the server, reducing the connection latency that many companies cited when justifying not supporting HTTPS over HTTP.

Browsers like Chrome, Edge, Firefox, and Pale Moon have already rolled out support for earlier versions of the TLS 1.3 draft, and are now expected to update this support to the official standard.

9 of 84 comments

  1. PFS made it by bill_mcgonigle · · Score: 5, Informative

    I'm pretty sure this means the efforts to make PFS optional failed:

    "IETF members voted the protocol unanimously, even after members of the financial sector asked for the introduction of a backdoor in the protocol's structure, so financial institutions could decrypt TLS 1.3 traffic inside internal networks."

    "The proposal was laughed off by experts, who pointed out that the backdoor would effectively make TLS 1.3 useless in the first place."

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:PFS made it by mellon · · Score: 2

      Yeah, there was no consensus to do the PFS weakening proposal. The proponents of this work are now working on an out-of-band signaling mechanism. It was a really crappy situation—the people behind the PFS-weakening have a real problem. They were just taking (IMHO) the wrong approach to addressing it. Hopefully now they will regroup and try to do something less harmful to the Internet.

  2. Also by geek · · Score: 2

    It makes MITM attacks almost impossible. GG corporate proxy decryption.

  3. Not a feature.... by shaitand · · Score: 3, Insightful

    "The biggest feature is that TLS 1.3 ditches older encryption and hashing algorithms (such as MD5 and SHA-224) for newer and harder to crack alternatives"

    Adding support for bigger and better algorithms and defaulting to them if available is a feature; dropping support is a nightmare. It's challenging enough communicating with things like embedded web servers on old iLO interfaces and the like because they did this with TLS 1.3. It should be strongly advised to update to the latest and greatest but it shouldn't be forced because it isn't always possible.

    1. Re: Not a feature.... by ERJ · · Score: 3, Informative

      The fallback would happen at the protocol level if you need older crypto standards (i.e., TLS 1.3 fallback to TLS 1.2).
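
An added example, not part of the thread: a simplified model of the version negotiation the fallback relies on, following RFC 8446 (the `supported_versions` extension and the `DOWNGRD` sentinel in the ServerHello random). Function names and the sample extension bytes are constructed for illustration.

```python
import os

TLS12, TLS13 = 0x0303, 0x0304
DOWNGRADE_TLS12 = b"DOWNGRD\x01"  # RFC 8446 section 4.1.3 sentinel

def parse_supported_versions(body: bytes) -> list[int]:
    """ClientHello supported_versions body: 1-byte length, then 2-byte versions."""
    if len(body) < 3 or body[0] != len(body) - 1 or body[0] % 2:
        raise ValueError("malformed supported_versions extension")
    return [int.from_bytes(body[i:i + 2], "big") for i in range(1, len(body), 2)]

def server_hello(legacy_version: int, ext_body, server_versions: set[int]):
    """Return (chosen_version, server_random) for a ClientHello."""
    if ext_body is not None:
        offered = set(parse_supported_versions(ext_body))
    else:
        # Pre-1.3 client: no extension, legacy_version is its maximum.
        offered = {v for v in server_versions if v <= min(legacy_version, TLS12)}
    common = offered & server_versions
    if not common:
        raise ConnectionError("protocol_version alert: no common version")
    chosen = max(common)
    random = os.urandom(32)
    if TLS13 in server_versions and chosen == TLS12:
        # A 1.3-capable server marks every 1.2 handshake it agrees to.
        random = random[:24] + DOWNGRADE_TLS12
    return chosen, random

def client_accepts(client_versions: set[int], chosen: int, server_random: bytes) -> bool:
    """A 1.3-capable client rejects a 1.2 ServerHello that carries the sentinel."""
    if chosen not in client_versions:
        return False
    if TLS13 in client_versions and chosen < TLS13:
        return server_random[-8:] != DOWNGRADE_TLS12
    return True

# Constructed extension body (not captured traffic): offers TLS 1.3, then 1.2.
OFFER_13_12 = bytes([4, 0x03, 0x04, 0x03, 0x03])

if __name__ == "__main__":
    modern, legacy = {TLS12, TLS13}, {TLS12}
    v, r = server_hello(TLS12, OFFER_13_12, legacy)   # old embedded server
    print(hex(v), client_accepts(modern, v, r))       # legitimate fallback
    v, r = server_hello(TLS12, None, modern)          # extension missing in transit
    print(hex(v), client_accepts(modern, v, r))       # client refuses
```

A server that only speaks TLS 1.2 never sets the sentinel, so falling back to it is accepted; the sentinel only trips when both ends could have used TLS 1.3.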

    2. Re:Not a feature.... by vux984 · · Score: 2

      "Maybe you should think about retiring these old devices, especially if they are visible from the global Internet."

      What if they are not visible?

      "The encryption that they support is no longer fit for purpose and is dangerous -- vulnerable to being cracked by $enemy."

      God forbid an $enemy inside my LAN sees what is about to come out of the laser printer, a few seconds before it literally gets printed out on paper in plain text.

      At the lab we have equipment that still runs MS-DOS internally. Hundreds of thousands of dollars worth, and they work perfectly fine. I agree we shouldn't put them anywhere publicly facing on the internet. But they accept jobs over the LAN just fine.

      "Continuing to use them is like continuing to drive a car where it is known that the brakes have failed."

      It's really not though.

    3. Re:Not a feature.... by MachineShedFred · · Score: 2

      There are still many different ciphers and hashes available without the brand new - they are retiring age-old stuff that is on the edge of being broken, as well as ciphers and hashes that have known collisions and attacks.

      If you're still using these 10+ year old ciphers for security, you aren't secure to begin with - your TLS client may as well tell you so outright.

      --
      Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
  4. Re:A better alternative. by Alain+Williams · · Score: 4, Interesting

    "But I wish they would find a way to make encryption secure and much cheaper (Certificates are still a killer, in terms of ease of installing, and price you often need to pay for them, for the amount of actual validation they give you for it)"

    Try looking at Let's Encrypt if you want free certificates.

  5. Re:Oh Lordy! by jfdavis668 · · Score: 2

    Download the Firefox source code and modify it any way you please.