[ad_1]
Apple, Google, Microsoft, and Mozilla announced plans today to disable Transport Layer Security (TLS) 1.0 and 1.1 support in their respective browsers in the first half of 2020.
"January 19th of next year marks the 20th anniversary of TLS 1.0, the inaugural version of the protocol that encrypts and authenticates secure connections across the web," said Kyle Pflug, Senior Program Manager for Microsoft Edge.
"Two decades is a long time ago," he said. "While we are not aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1 […] moving to newer versions helps ensure a more secure Web for everyone. "
The move comes as Internet Engineering Task Force (IETF) – the organization that develops and promotes Internet standards – is hosting discussions to formally deprecated both TLS 1.0 and 1.1.
All four browsers –Chrome, Edge, IE, Firefox, and Safari– already support TLS 1.2 and will soon support the recently released version of the TLS 1.3 standard. Chrome and Firefox already support TLS 1.3, while Apple and Microsoft are still working on support.
Microsoft makes public stats from SSL Labs, which show that 94 percent of the Internet's sites have been migrated using TLS 1.2.
"The Microsoft Edge is using TLS 1.0 or 1.1," Pflug said, citing internal stats.
Windows users and system administrators can test the impact of having TLS 1.0 and TLS 1.1.
They can do this by accessing the "Internet Options" setting in the Windows control panel, visiting the "Advanced" tab, and unticking the "Use TLS 1.0" and "Using TLS 1.1" options in the Security section.
Article updated 2 hours ago by Apple, Google, and Mozilla. The original version of this article only describes Microsoft's plan to deprecate TLS 1.0 and TLS 1.1.
RELATED COVERAGE:
Source link