Microsoft has enabled Transport Layer Security (TLS) 1.3 in build 20170 of Windows 10. According to the software company, this is the first step towards widespread adoption in Windows 10.
TLS 1.3 is enabled with IIS/HTTP.sys in build 20170 of the Windows 10 Insider Preview. Windows 10 has had experimental support for the new TLS version since the May 2019 Update, but enabling it by default in the current test build is the prelude to the widespread adoption of TLS 1.3 in Windows 10. The TLS stack supports the cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384 and TLS_CHACHA20_POLY1305_SHA256. Microsoft advises developers to use these for apps and services.
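To confirm from a packet capture that a service really negotiated TLS 1.3 with one of the three suites listed above, the ServerHello can be inspected directly. The following Python sketch is an added example, not Microsoft's code; it assumes the ServerHello sits at the start of a single handshake record, and its function names and sample records are constructed for illustration.

```python
import struct

# IANA code points of the three cipher suites named in the article.
TLS13_SUITES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
}
TLS13, EXT_SUPPORTED_VERSIONS = 0x0304, 0x002B

def parse_server_hello(record: bytes):
    """Return (negotiated_version, cipher_suite) from one ServerHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x02:
        raise ValueError("not a handshake record carrying a ServerHello")
    hello = record[9:9 + int.from_bytes(record[6:9], "big")]
    try:
        (version,) = struct.unpack_from("!H", hello, 0)  # legacy_version
        pos = 2 + 32                                     # skip random
        pos += 1 + hello[pos]                            # skip legacy_session_id_echo
        (suite,) = struct.unpack_from("!H", hello, pos)
        pos += 3                                         # cipher suite + compression method
        if pos < len(hello):                             # extensions are optional before 1.3
            (ext_total,) = struct.unpack_from("!H", hello, pos)
            pos, end = pos + 2, pos + 2 + ext_total
            while pos + 4 <= end:
                ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
                pos += 4
                # TLS 1.3 carries the real version here; legacy_version stays 0x0303.
                if ext_type == EXT_SUPPORTED_VERSIONS and ext_len == 2:
                    (version,) = struct.unpack_from("!H", hello, pos)
                pos += ext_len
    except (struct.error, IndexError):
        raise ValueError("malformed ServerHello") from None
    return version, suite

def check_negotiation(record: bytes):
    """Return (ok, suite_name); ok only for TLS 1.3 with a listed suite."""
    version, suite = parse_server_hello(record)
    return version == TLS13 and suite in TLS13_SUITES, TLS13_SUITES.get(suite, hex(suite))

def _sample(suite: int, extensions: bytes = b"") -> bytes:
    """Build a constructed ServerHello record (zeroed random, empty session id)."""
    hello = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    if extensions:
        hello += struct.pack("!H", len(extensions)) + extensions
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

SAMPLE_TLS13 = _sample(0x1302, b"\x00\x2b\x00\x02\x03\x04")  # constructed
SAMPLE_TLS12 = _sample(0xC02F)                               # constructed, TLS 1.2 ECDHE suite
```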
According to Microsoft, users of Edge Legacy and Internet Explorer can manually enable TLS 1.3 through the advanced settings in the Internet options. The Chromium-based Edge browser, like other Chromium browsers and Firefox, supports TLS 1.3 as well. The new Edge browser does this independently of the Windows TLS stack, and it will be managed via an edge://flags setting.
With TLS 1.3, perfect forward secrecy has been made mandatory, and support for outdated and weak protection and hash functions such as MD5 and SHA-224 has been removed. The handshake between the user and the server has also been made more compact, so that less unencrypted data is exchanged.
TLS stands for Transport Layer Security, the security protocol that provides authentication and encryption of connections between server and user, such as HTTP connections, so that they cannot be eavesdropped on or forged. In 2018, the Internet Engineering Task Force released the final version of TLS 1.3. In that year, the makers of the most popular browsers announced that they were going to end support for the outdated TLS 1.0 and 1.1.