TLS version 1.3 in Production servers.
Salz, Rich
rsalz at akamai.com
Sat Mar 14 13:02:45 UTC 2020
* I am reading this article https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3<https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Transport-5FLayer-5FSecurity-23TLS-5F1.3&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=fCbKo1PqkI-xmUI3r8SEeBwi0vGNun5Nu-BSjIhMSRk&s=mZTWgcptYk4kmksLTFbRn4MxTRgcCHBN-ZMCbCKEKR8&e=> I have a followup question regarding TLS version 1.3. Can we use it in production servers or it is good to be on TLS version 1.2? I look forward to hearing from you.
There are no problems with the protocol; it has had extensive analysis. There are no known implementation bugs, but of course that doesn’t mean there are none. Most browsers will use TLS 1.3 if the server supports it. Many big websites or providers use it. Go ahead. It does a smidgen more crypto work, but client/server latency is reduced.
As for TLS 1.2, it has not had as much analysis, but has no known protocol flaws. It is also considered safe to use.
Do not use TLS 1.1, TLS 1.0 or SSL 3.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200314/4ba6380c/attachment-0001.html>
More information about the openssl-users
mailing list