TLS 1.3 RFC has ‘shipped’:  RFC 8446.  Don’t yet know all that will have to be updated to support it, but I am working on openSSL 1.1.1 beta which is available in the Fedora 29 beta.  The openSSL team is looking at one more beta release (I had challenges with ED25519 certs, I will soon have an Internet Draft out on them).

So general heads up.  TLS 1.3 is claimed to be the cat’s meow for security (I see it as a kitchen sink).  There will be questions asking for when it will be available (wait until they start thinking about creating EDDSA pkis).

Yet another thing for our hard working CentOS team.