TLS version 1.3 in Production servers.
Kaushal Shriyan
kaushalshriyan at gmail.com
Sat Mar 14 13:41:49 UTC 2020
On Sat, Mar 14, 2020 at 6:32 PM Salz, Rich <rsalz at akamai.com> wrote:
>
> - I am reading this article
> https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Transport-5FLayer-5FSecurity-23TLS-5F1.3&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=fCbKo1PqkI-xmUI3r8SEeBwi0vGNun5Nu-BSjIhMSRk&s=mZTWgcptYk4kmksLTFbRn4MxTRgcCHBN-ZMCbCKEKR8&e=> I
> have a followup question regarding TLS version 1.3. Can we use it in
> production servers or it is good to be on TLS version 1.2? I look forward
> to hearing from you.
>
>
>
> There are no problems with the protocol; it has had extensive analysis.
> There are no known implementation bugs, but of course that doesn’t mean
> there are none. Most browsers will use TLS 1.3 if the server supports it.
> Many big websites or providers use it. Go ahead. It does a smidgen more
> crypto work, but client/server latency is reduced.
>
>
>
> As for TLS 1.2, it has not had as much analysis, but has no known protocol
> flaws. It is also considered safe to use.
>
>
>
> Do not use TLS 1.1, TLS 1.0 or SSL 3.
>
>
>
Thanks Rich Salz for the explanation and much appreciated. Please suggest
me books or tutorials to understand OpenSSL and TLS cryptographic protocol
in detail. I look forward to hearing from you. Thanks in advance.
Best Regards,
Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200314/8860b39d/attachment.html>
More information about the openssl-users
mailing list