Mozilla implemented support for the security protocol TLS 1.3 in Firefox 49 recently.
TLS 1.3 is the most recent version of TLS (Transport Layer Security), the successor of SSL (Secure Sockets Layer). TLS is a cryptographic protocol used to improve communications security on the Internet.
Most Internet users come in contact with TLS when browsing the web (when they connect to HTTPS websites), or when they setup email accounts manually. The protocol is used for other activities such as instant messaging or voice over IP however.
TLS 1.3 has been published as a draft in early 2016 which means that specifications may change before it is officially unveiled.
The new protocol version includes new features and security improvements, for instance the removal of weak functions.
Firefox 49 TLS 1.3
Mozilla added support for TLS 1.3 in Firefox 49. It needs to be noted that Firefox 49 is the target version, but that things may change along the way that delay the implementation so that it won’t be available in Firefox 49 Stable after all.
For now though, Firefox 49 is the target milestone for the feature.
TLS 1.3 is not enabled by default currently, and Firefox users who want to enable it need to change a parameter in Firefox before it can be used.
This is mostly useful for developers currently who want to test the implementation on web servers they run, as the majority of sites and services that use HTTPS are not supporting TLS 1.3 publicly yet.
To enable the feature in Firefox, do the following:
- Type about:config in the browser’s address bar and hit enter.
- Confirm that you will be careful if the prompt appears.
- Search for the parameter security.tls.version.max.
- Double-click on it, and change its value to 4.
This sets the maximum supported SSL/TLS version to 1.3. Please check out our TLS guide if you are interested in the parameter, and its sister-parameter security.tls.version.min.
Most SSL test services on the Internet don’t support TLS 1.3 yet. In fact, some may even display that the browser is supporting an unknown version of TLS.
Additionally, some sites may be broken if TLS 1.3 is enabled. Check out the broken sites text document on the Bugzilla bug listing for a list of sites that won’t work currently when you enable TLS 1.3 in Firefox.
Enabling TLS 1.3 support in Firefox is important but it will take time before servers on the Internet adopt the new version. (via Sören)