Pin domain to certification authority https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
TLS1.3 Support on OpenSSL (in development)
A good explanation why TLS1.3 is great https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a
Test connection in your browser with a TLS1.3 only server https://tls13.crypto.mozilla.org
Man in the Middle Attacks (MITM)
So far it is not clear if TLS1.3 will effectively warn and disallow man in the middle attacks of so called security boxes. These boxes are mostly outdated security voodoo and make web traffic insecure without warning the users that this will allow the security box admin to read all web traffic including passwords.