Enforce TLS1.3 for API communication
we should ship our own SecurityProvider, Conscrypt: https://github.com/google/conscrypt
It allows us to enforce TLS1.3 on all devices.
Drawback: we're depending on another SSL lib (BoringSSL). Current OpenSSL implementations also support TLS1.3 and we're shipping OpenSSL already, but I haven't figured out how to make use of it in conjunction with OkHTTP, our http client lib.
Edited by cyberta