[openssl-users] Call for testing TLS 1.3

Salz, Rich rsalz at akamai.com
Mon Apr 30 19:48:39 UTC 2018


>    The issue is most likely that no one "in the wild" has done any testing 
    of significance.

I thought the Akamai numbers were significant.
    
    I can certainly see tls1.2 exchange but there is nothing for tls1.3 and
    so I am working on getting a site up pronto ( in the wild ) to test.

I am sorry if it wasn't clear, but I was referring to *Akamai* not *OpenSSL.*  Let me repost the whole message edited a bit.

AKAMAI has partially deployed TLS 1.3 on one of its networks using its own server. Customer can opt-in to beta-test.  AKAMAI has already seen hundreds of millions of connections, with [xxx, elided] megabytes of data exchanged.   AKAMAI has found no issues.  AKAMAI does not do 0RTT. This is production traffic, not staging or test. AKAMAI has received no customer complaints.

I was surprised by how many connections and how much data AKAMAI is already seeing.  I think that makes a very strong argument that TLS 1.3 should be enabled by default if it all possible.





More information about the openssl-users mailing list