[ad_1]
In unison, Apple (WebKit), Mozilla, Microsoft and Google announced yesterday that they would disable support for TLS 1.0 and TLS 1.1 by March 2020 on their respective Safari, Firefox browsers. , Edge and Chrome.
Regarding Safari, Apple has announced that "Transport Layer Security (TLS) is a critical security protocol used to protect Web traffic and ensures the confidentiality and integrity of data in transit between clients and servers exchanging data. information (often sensitive) To use this data, it is important to use modern and more secure versions of this protocol, especially applications that need to move away from TLS 1.0 and 1.1, which has many advantages, including :
-
Modern cryptographic cryptographic suites and algorithms with desirable performance and security properties, such as a perfect transmission secret and authenticated encryption, which are not vulnerable to attacks such as BEAST.
-
Removed mandatory and unsecured SHA-1 and MD5 hash functions as part of peer authentication.
-
Resistance to downgrade attacks such as LogJam and FREAK.
The time has come to make this transition. Properly configured for App Transport Security (ATS) compliance, TLS 1.2 provides security for today's Web. This is the standard on Apple platforms and accounts for 99.6% of TLS connections made from Safari. TLS 1.0 and 1.1 – dating back to 1999 – account for less than 0.36% of all connections. With the recent development of TLS 1.3 by the IETF in August 2018, the proportion of traditional TLS connections is expected to decrease further. TLS 1.2 is also required for HTTP / 2, which dramatically improves web performance.
Therefore, we do not recommend support for TLS 1.0 and 1.1. Full support will be removed from Safari in Apple iOS and MacOS updates. starting with March 2020.
Mozilla, who is behind the Firefox browser, said in his announcement "On the Internet, 20 years, it's an eternity." TLS 1.0 will be 20 in January 2019. Since then, TLS has protected billions – and probably billions – of spying and attacking connections.
During this period, we have collectively learned a lot about the elements needed to design and create a security protocol.
Although we are not aware of any specific issues related to TLS 1.0 requiring immediate action, many aspects of the design are neither as powerful nor as robust as we would like given the nature of the Internet today. 39; hui. More importantly, TLS 1.0 does not support modern cryptographic algorithms.
The Internet Engineering Task Force (IETF) no longer recommends the use of older versions of TLS. A draft document describes the technical reasons in more detail.
Be aware that these changes will appear in the early versions of Firefox (Beta, Developer Edition, and Nightly) earlier than March 2020. We will announce specific dates when we have more detailed plans.
The ads were discovered by Ars Technica.
[ad_2]
Source link
