End support for TLS 1.0 and TLS 1.1
19 October 2018
Apple, Microsoft and Google announced they will cease support of the encryption protocols TLS 1.0 and 1.1 from early 2020. Because the use of these protocols for setting up a secure connection is minimal, the impact will probably be low.
What will change exactly?
From early 2020 the internet protocols TLS 1.0 and 1.1 won’t be supported anymore by the the big browsers - Apple Safari, Google Chrome, Mozilla Firefox, Microsoft Edge & Internet Explorer. This is because TLS 1.0 and 1.1 are considered unsafe because they use outdated algorithms and functions like SHA-1 and MD5. Next to this there is no support for modern techniques like perfect forward secrecy.
TLS 1.2 and 1.3
TLS 1.2 will become the new standard, and the implementation of the latest TLS version 1.3 will be stimulated. TLS 1.2 was published in 2008 and is by now widely used. The development of TLS 1.3 was completed in March 2018, the Request for Comments
- Accelerated speed, compared with the previous version only one round-trip is needed.
- Improved security, outdated and unsafe functions like SHA-1 and MDV were deleted.
What is TLS?
The encryption protocols Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) secure the communication on the internet by encrypting HTTP-traffic. Although SSL is still the most commonly used term, we use the newer TLS protocol from 1999 already. When setting up a secure connection the client and the server negotiate during the handshake about the best protocol they both can use to protect the channel. Several versions of SSL and TLS were developed; the most recent version is TLS 1.3. From the introduction of a protocol, after certain time vulnerabilities are found, that is why new and improved versions are released regularly.
What can you do?
As a server administrator you can set up which encryption protocols you want to allow for setting up secure connections. Do you have questions about enabling or disabling TLS protocols? Please contact our support department via 088-775 775 1 or firstname.lastname@example.org
Call us +31 88 775 775 0
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues