Why TLS 1.3 isn't in browsers yet
https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/
2017-12-29 22:01
Pretty simple, right? As it turns out, some servers didn’t implement this correctly and this led to a chain of events that exposed web users to a serious security vulnerability.
However, insecure downgrades are called insecure for a reason.
This unexpected setback caused a crisis of sorts for the people involved in the protocol’s design.
Removing features that have been part of a protocol for 20 years and expecting it to simply “work” was wishful thinking.
The original protocol negotiation mechanism is unrecoverably burnt.