There's no real reason not to, according to Valsorda.
"I think it is viable to do TLS 1.3 deployment now," he said.
Cloudflare said last September that it would offer users of its content delivery network early access to TLS 1.3.
Now, said Valsorda, "All the Cloudflare customers on the free plan have TLS 1.3 enabled by default and we haven't seen any problems."
Cloudflare tends to enable beta features such as this automatically for non-paying customers, allowing paying customers with larger or more complex networks to opt in when they are ready. To date, 3,000 domains have opted to turn on TLS 1.3, in addition to those for whom Cloudflare turned it on by default.
The few glitches Cloudflare did encounter turned out not to be at the server end, but on the client side.
A few organizations using security appliances to monitor their users' web-browsing habits found that connections to servers running TLS 1.3 were dropped without warning, blocking access to the sites concerned.
This issue occurred only in appliances that passively monitored connections without trying to insert themselves into the connection, Valsorda said. When they overheard an exchange they didn't understand -- such as the negotiation of a TLS 1.3 connection -- they would simply cut it off. The two or three models concerned have now been patched by their manufacturers, he said.
The process of testing for such glitches is still largely manual, Valsora said: An organization running such an appliance would need to take a TLS 1.3-compatible version of Google Chrome, enable TLS 1.3 in the settings (a process he described as "not super user-friendly") and then try to connect out to a TLS 1.3-enabled website such as Cloudflare.com.
"Maybe we should be working on how to enable better testing out of enterprises," he added.
So if you do decide to upgrade to TLS 1.3, what's in it for you?
Apart from its immunity to attacks on earlier versions, "TLS 1.3 has a huge performance benefit in terms of connection setup time," Valsorda said.
That's because negotiating the initial encrypted connection takes only one round-trip between client and server in TLS 1.3, compared to two round-trips in TLS 1.2. That can save several hundred milliseconds on a mobile internet connection, potentially halving the time to download some images, he said.
There's also an option called 0-RTT (zero round-trip time) within TLS 1.3 to resume a recently used connection without renegotiating the encryption, speeding things even more.
Few web servers and CDN services support TLS 1.3, still fewer the 0-RTT option for now. The website Is TLS fast yet? has a list. (Its answer, by the way, is "Yes.")
Sign up for Computerworld eNewsletters.