Closed Bug 1606734 Opened 3 years ago Closed 3 years ago

Disable TLS 1.0 and 1.1 by default


(Core :: Security: PSM, task, P1)




Tracking Status
relnote-firefox --- 74+
firefox74 --- fixed


(Reporter: mt, Assigned: mt)


(Blocks 2 open bugs, )


(Keywords: dev-doc-complete, site-compat)


(1 file)

Current plan is to disable these versions in Firefox Release version 74 unconditionally, with just the ...enable-deprecated pref and UX as a bustage-mitigation measure.

This bug tracks removal of the guards around the pref defaults for security.tls.version.min.

Keywords: site-compat
Pushed by
Disable TLS 1.0 and 1.1 by default, r=keeler
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla74

Updates made on MDN concerning TLS 1.0/1.1 removal; see for the full details.

Let me know if there's anything else you'd like to see changed in terms of docs. Thanks!

Martin, should that be also notes in our general release notes for 74?

Flags: needinfo?(mt)

Yes, it would be wise. This is a big and noticeable change, unfortunately.

Flags: needinfo?(mt)

Release Note Request (optional, but appreciated)
[Why is this notable]: This change will result in a subset of sites becoming inaccessible, though users still have the option to re-enable TLS 1.0 in the short term. Thousands of sites will be affected.
[Affects Firefox for Android]: Yes
[Suggested wording]: Disabled TLS 1.0 and TLS 1.1. Sites that don't support TLS version 1.2 will show an error page.
[Links (documentation, blog post, etc)]:

relnote-firefox: --- → ?
Flags: needinfo?(mt)

Note added to our 74 beta release notes, thanks.

Blocks: COVID-19
You need to log in before you can comment on or make changes to this bug.