Microsoft To Enables TLS 1.3 By Default In Windows 10 Test Builds

Microsoft has said it plans to enable the TLS 1.3 security protocol by default in Windows 10 Insider Preview test builds, beginning with Build 20170, as part of a broader rollout to Windows 10 systems.

The move is a significant step in deploying TLS 1.3, which deprecates TLS 1.2 and includes tighter security features.

TLS, or Transport Layer Security, is the world’s most deployed security protocol, encrypting data to provide secure communications between two endpoints.

Versions of the protocol are used in applications such as web browsing, email, instant messaging and Voice over IP.

Tighter security

TLS 1.3 tightens security by eliminating obsolete cryptographic algorithms, enhancing security when using older versions and encrypting as much as possible of the handshake, the negotiation that sets up a session.

The new protocol uses only three cipher suites, reducing complexity while improving security and interoperability.

It also uses a minimal set of cleartext protocol bits on the wire, which helps facilitate the deployment of future TLS versions and makes less user information visible over the network, Microsoft said.

Previous TLS versions exposed clients’ identity during client authentication unless it was accomplished via renegotiation, but the latest version keeps client authentication confidential.

“The protocol enables encryption earlier in the handshake, providing better confidentiality and preventing interference from poorly designed middle boxes,” said programme manager Sunny Zankharia and principal software engineer Andrei Popov, of Microsoft’s enterprise and OS security group, in a blog post.


“TLS 1.3 encrypts the client certificate, so client identity remains private and renegotiation is not required for secure client authentication.”

They said Microsoft recommends developers to begin testing TLS 1.3 in their applications and services right away.

The Microsoft Edge Legacy and Internet Explorer browsers can be configured to enable TLS 1.3 via the Advanced Settings menu, Microsoft said.

Chromium-based Microsoft Edge does not use the Windows TLS stack and is configured independently using the Edge://flags dialogue.

TLS 1.3 support is to be added to .Net beginning with version 5.0, the company said.

It noted that the three cipher suites supported in the Windows TLS stack are TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384 and TLS_CHACHA20_POLY1305_SHA256.

Microsoft, Google, Apple and Mozilla said in October 2018 they would retire the deprecated TLS 1.0 and TLS 1.1 protocols in the first half of 2020.

However, the transition has been delayed to the second half of the year due to the novel coronavirus pandemic.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Uber Competitor Bolt Raises Prices 10 Percent In London

Uber competitor Bolt raises prices 10 percent in London amidst driver shortage and regulatory changes…

12 hours ago

US Auto Regulator Discusses ‘Safety Concerns’ With Tesla

US and Canadian regulators looking into possible safety issues with Tesla Model 3 and Model…

13 hours ago

Cryptocurrency Funds Show Gains In Spite Of Selloff

Cryptocurrency-centric funds show strong gains for 2021, as assets such as Bitcoin and Ether rise…

13 hours ago

Google, Facebook Chiefs Signed Off On Secret Deal, Lawsuit Says

Google's Sundar Pichai and Facebook's Mark Zuckerberg signed off on a deal to carve up…

14 hours ago

North Korean Hackers ‘Stole $400m’ In 2021

Study finds North Korea-based hackers stealing more than $200m in cryptocurrency a year, rising to…

14 hours ago

Major Stolen Card Marketplace Shuts Down After Making Millions

Operators of stolen card data marketplace UniCC say they will 'retire' due to age and…

15 hours ago