Disable TLS 1.0 and 1.1 by default
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
People
(Reporter: mt, Assigned: mt)
References
()
Details
(Keywords: dev-doc-complete, site-compat)
Attachments
(1 file)
Current plan is to disable these versions in Firefox Release version 74 unconditionally, with just the ...enable-deprecated pref and UX as a bustage-mitigation measure.
This bug tracks removal of the guards around the pref defaults for security.tls.version.min.
|
Assignee | |
Comment 1•5 years ago
|
||
Depends on D58563
|
||
Updated•5 years ago
|
|
||
Comment 3•5 years ago
|
||
| bugherder | ||
|
|
||
Comment 4•5 years ago
|
||
Posted site compatibility note.
|
||
Updated•5 years ago
|
|
||
Comment 5•5 years ago
|
||
Updates made on MDN concerning TLS 1.0/1.1 removal; see https://github.com/mdn/sprints/issues/2754#issuecomment-587676139 for the full details.
Let me know if there's anything else you'd like to see changed in terms of docs. Thanks!
|
||
Comment 6•5 years ago
|
||
Martin, should that be also notes in our general release notes for 74?
|
|
Assignee | |
Comment 7•5 years ago
|
||
Yes, it would be wise. This is a big and noticeable change, unfortunately.
|
|
||
Comment 8•5 years ago
|
||
Could you request the addition please? Thanks
https://wiki.mozilla.org/Release_Management/Release_Notes#How_to_nominate_a_bug_for_release_notes_addition.3F
|
|
Assignee | |
Comment 9•5 years ago
|
||
Release Note Request (optional, but appreciated)
[Why is this notable]: This change will result in a subset of sites becoming inaccessible, though users still have the option to re-enable TLS 1.0 in the short term. Thousands of sites will be affected.
[Affects Firefox for Android]: Yes
[Suggested wording]: Disabled TLS 1.0 and TLS 1.1. Sites that don't support TLS version 1.2 will show an error page.
[Links (documentation, blog post, etc)]: https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/
Description
•