TLS 1.3 design finalized

The biggest practical development in crypto for 2016 is the finalization of Transport Layer Security version 1.3. TLS is the most important and widely used cryptographic protocol and is the backbone of secure Internet communication.

How might users notice TLS 1.3?

Speed. TLS 1.3 is designed for speed, specifically by reducing the number of network round-trips required before data can be sent to one round-trip (1-RTT) or even zero round-trips (0-RTT) for repeat connections.

These ideas have appeared before in experimental form through the QUIC protocol and False Start for earlier TLS versions, but as part of the default behavior of TLS 1.3 they will soon become much more widespread. This means latency will decrease and webpages will load faster.

TLS 1.3 should be a big improvement security-wise.

First, the protocol is much simpler, having removed support for a number of old protocol features and obsolete cryptographic algorithms. Additionally, TLS 1.3 was designed with the benefit of model checking (which has been used to find flaws in many older versions of TLS and SSL).

What are you waiting for?

Now, all we need to do is wait for OpenSSL to release an updated version with TLS 1.3, something they are working on. Or, if you don’t have time for that, you could build OpenSSL from source yourself.