Major browsers simultaneously abandon support for old security standards – TechCrunch

Firefox, Chrome, Edge, Internet Explorer, and Safari no longer support older versions of the TLS Online Security Protocol, which is used in virtually all online encrypted exchanges. Although few people or machines use TLS versions 1.0 and 1.1, which have long been unsafe, they are still allowed in many connections, but not for long.

Transport Layer Security is a community-developed standard, version 1.0 of which was released almost 20 years ago. She and her close relative, 1.1, have known defects that make them unsafe to use for secure communications. 1.2 solved these major problems in 2008 and is currently used by the vast majority of customers. Version 1.3, released earlier this year, improves and simplifies the standard, but has so far only a limited online presence, many servers and services have not been updated to support it .

Mozilla, Google, Microsoft and WebKit have all made separate but similar ads on their blogs, essentially indicating that older versions, 1.0 and 1.1, would be removed from here in early 2020 – March specifically for some, which we can be considered as a general indicator of the current situation. other.

"Two decades is a long time for unmodified security technology," wrote Kyle Pflug of Microsoft. "Although we are not aware of major vulnerabilities with our recent implementations of TLS 1.0 and TLS 1.1, there are vulnerable third-party implementations. The transition to newer versions ensures a more secure Web for all. "

As a user, you have nothing to do. The browsers and applications you use will work exactly as before. They probably already use version 1.2. Mozilla shared a table showing that only a tiny fraction of the connections it sees use the previous versions:

These connections, small in proportion but still numerous, could be numerous. The old machines built here are there; old applications for which the security stack has not been updated for years; pirated devices. It's certainly neither you nor even your parents.

The long delay is due to the possibility (if not inevitable) that some critical systems (for example in aging municipal infrastructure) will cease to function because of this change. People need time to do a real check, even if they would probably have done it years ago.

This initiative should make everyone a little safer online, although everything will continue to work just as before. It's by design.