Mathematical differences in speed are not measurable differences in speed. TLS 1.2 is also not yet exploitable and is better than every incorrect implementation of 1.3 out there.ģ. If you are fine with settling for exploit-ridden, incorrect implementations of 1.3 currently available, then you cannot claim to care about anything you claim to care about in the implementation. Correctly implementing it will take time. TLS 1.3 is a radical update to the protocol, so much so that it was nearly named TLS 2.0. TLS 1.3 is not the same thing as TLS 1.2. You will see no difference in performance, other than perhaps at low power client No MS did not release support for TLS 1.2 within 6 months. Most (other than the ones where the protocol was fundamentally broken) of the famous SSL and TLS exploits have been created by bad open source solutions that incorrectly implemented SSL/TLS. In addition, these open source projects have also carelessly introduced exploits into TLS 1.3 that do not exist in 1.2, and simply having 1.3 enabled enables downgrade attacks against weaker protocols that can be completely broken. All efforts so far are based on code written before the standard was ratified and have extreme likelihood of containing legacy code that will provide a vector for exploit. In addition, TLS 1.3 was only ratified a few months ago.
MS, RSA and Cisco have the only TLS 1.0 implementations without active exploits because of it where nearly all other implementations do.
Microsoft is not like garbage developers - I mean open source developers that race to implement something for the personal gratification rather than for the quality of the product. TLS 1.3 is not a 'badly needed feature' and the speed benefits are not 'immense,' unless you are TLS servers on old consumer level hardware that lack AES accelerators.
0 kommentar(er)
