TLS 1.3 has been around for quite some time now. Why does RouterOS still not support it?
Because there is no urge for Mikrotik to support it. As long TLS 1.2 is not deprecated/discouraged as 1.0/1.1 - Mikrotik won’t move.
Even my brother printer I just bought has tls 1.3 LOL. What a farce.
Yes yes, but why? I’d think they would want to ensure RouterOS supports the current security standards at a minimum.
My Ubiquiti EdgeRouters, which haven’t gotten a real software release in 4+ years, support TLS 1.3.
We don’t know.
When a company fails to communicate properly, it is left to others to speculate.
This is where MTs marketing and communications director is a complete failure.
my guess → Lazy
What i hope its not → lack the technical competence to code it in.
if they dont use any of the common libraries like openssl, then it is maybe quite an effort for Mikrotik. They have to set priorities. Not laziness. We know ROS lacks many features and I guess support for TLS 1.3 is not crucial - now.
Yes, bit of tongue in cheek there, but concur, lack of resources 
to ensure the router is up to date.
This is not like wifi7 which entails buying new hardware and adapting etc… and also waiting for optimal pricing, new kid off the block has highest initial costs until they are mass produced.
As long as TLS 1.2 is still considered secure and ROS supports secure ciphers, I couldn’t care less. Everything else is compliance BS.
From my reading, tls 1.3 is a no-brainer.
It’s is not just about security, TLS 1.3 have more optimal handshake, less round trips.
True. But when it comes to managing your router/switch/AP, how many hundreds of connection inits per second do your devices get hit with?
The feature you’re mentioning may matter for large web servers with thousands connections per second, not for average MT router with a few connections a day.
Worlds biggest RouterOS fanboy here. I cannot express to you guys how disappointed I was in Mikrotik to find they do not support TLS 1.3. I was pleasantly surprised to find they support 802.11u and RadSec as a AAA protocol. RouterOS has everything it needs for a low-cost Passpoint-type hotspot, but it must support OpenRoaming. OpenRoaming (and any modern private aaa with security in mind) rely on Radsec with ECC certs (secp384r1) and TLS 1.3. RouterOS may not wish to support tls1.3, but in a hotspot federation whose partners and PKI requires it, Mikrotik simply cannot establish the necessary trust and security/privacy without it. What a pity. Honestly I’ve been less disappointed in my children and they’ve had a lifetime to try…