The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!


Google, Microsoft, Mozilla, and Apple today announced they will disable Transport Layer Security (TLS) 1.0 and 1.1 by default in their respective browsers in 2020. TLS 1.2 will thus be the default version, unless of course TLS 1.3 is available.

TLS is a cryptographic protocol designed to provide communications security over a computer network — websites use it to secure all communications between their servers and browsers. TLS also succeeds Secure Sockets Layer (SSL) and thus handles the encryption of every HTTPS connection.

The latest version, TLS 1.3, is supported by both Chrome and Firefox. Microsoft and Apple plan to support TLS 1.3 in future versions of Edge and Safari, respectively.

TLS 1.0 will turn 20 years old on January 19, 2019. Here is what each browser maker has promised:

  • TLS 1.0 and 1.1 will be disabled altogether in Chrome 81, which will start rolling out “on early release channels starting January 2020.”
  • Edge and Internet Explorer 11 will disable TLS 1.0 and TLS 1.1 by default “in the first half of 2020.”
  • Firefox will drop support for TLS 1.0 and TLS 1.1 in March 2020.
  • TLS 1.0 and 1.1. will be removed from Safari in updates to Apple iOS and macOS beginning in March 2020.

Microsoft notes that “less than one percent of daily connections” in Microsoft Edge are using TLS 1.0 or TLS 1.1. That’s great news, but the company didn’t share usage for IE, which is likely much higher.

Apple added that TLS 1.0 and TLS 1.1 account for less than 0.36 percent of all connections made through Safari. Google and Mozilla did not share comparable numbers at the time, but it’s fair to say usage of older TLS versions is declining.

All four browser makers are calling on sites to move off of TLS 1.0 and TLS 1.1 as soon as possible. SSL Labs shows that 94 percent of sites today support TLS 1.2.

Update at 11:30 a.m. Pacific: This story started with Microsoft’s news, but Google, Apple, and Mozilla also made the same announcements for their respective browsers later in the day. With Flash also going away in two years, 2020 can’t come soon enough.

VentureBeat

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member