safari iconApple today announced on its WebKit blog that it is ending support for TLS 1.0 and 1.1 starting in March 2020. TLS, or Transport Layer Security, is a security protocol used to protect web traffic.

Ahead of the planned deprecation, Apple recommends apps adopt TLS 1.2, which offers "security fit for the modern web." Upgrading from TLS 1.0 and 1.1 provides the following benefits, according to Apple:

- Modern cryptographic cipher suites and algorithms with desirable performance and security properties, e.g., perfect forward secrecy and authenticated encryption, that are not vulnerable to attacks such as BEAST.
- Removal of mandatory and insecure SHA-1 and MD5 hash functions as part of peer authentication.
- Resistance to downgrade-related attacks such as LogJam and FREAK.

TLS 1.2 is the standard on Apple platforms and already represents 99.6 percent of connections made from Safari. Apple says TLS 1.0 and 1.1 account for less than 0.36 percent of all connections.

Other browsers, including Firefox, Chrome, and Microsoft's Edge, are also planning to drop TLS 1.0 and 1.1 support starting in early 2020.

Top Rated Comments

flyinmac Avatar
flyinmac
49 months ago
Good... there’s no reason to allow less secure communication protocols to continue functioning. It defeats the purpose of implementing stronger more secure protocols if we continue allow weaker entry points to function.
Score: 6 Votes (Like | Disagree)
eoblaed Avatar
eoblaed
49 months ago
Curious to know what would happen to the small amount of apps/pages that don't update to TLS 1.2? Will they just stop working?
Essentially.

Which is a good thing.
Score: 4 Votes (Like | Disagree)
vmistery Avatar
vmistery
49 months ago
Honestly I’m surprised they are waiting until then. At work we went round and disable everything below 1.2 both client and server side last year once Windows Vista went out of support (the last Windows OS to not support 1.2).
Score: 3 Votes (Like | Disagree)
GenesisST Avatar
GenesisST
49 months ago
Guess I’ll be stuck using ancient versions of chrome/Firefox for a while longer. I get the reasons, but there are use cases in the enterprise realm where we need to connect to ancient internal systems. It’s not always easy upgrading a server due to various compatibility requirements.
The sad part is that if one brings it up to management, they would see 2020 as very far away and would never prioritize such an upgrade, even if it was easy.

Then when 2020 comes, big surprise and everyone starts running like chicken without their heads...
Score: 2 Votes (Like | Disagree)
coolfactor Avatar
coolfactor
49 months ago
Curious to know what would happen to the small amount of apps/pages that don't update to TLS 1.2? Will they just stop working?
Yes. The browser would deny the request because it can not negotiate a secure connection.
Score: 2 Votes (Like | Disagree)
thisisnotmyname Avatar
thisisnotmyname
49 months ago
1.0 and 1.1 have been broken for a very long time. This should absolutely be the case.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
Read Full Article20 comments
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
Read Full Article131 comments
airpods pro 2 1

AirPods Pro 2 No Longer Expected to Feature Built-In Heart Rate or Body Temperature Sensor

Sunday July 3, 2022 8:07 pm PDT by
While past rumors have indicated the upcoming second-generation AirPods Pro will feature a built-in heart rate and body temperature sensor, Bloomberg's Mark Gurman has cast doubt on those rumors turning out to be true, saying instead such a feature is unlikely to come anytime soon. "Over the past few months, there have been rumors about this year's model gaining the ability to determine a...
Read Full Article69 comments
Apple Watch 8 Unreleased Feature Thumb

Apple Watch Series 8 Model Rumored to Feature 5% Larger Display

Monday July 4, 2022 5:50 am PDT by
Apple is working on an Apple Watch Series 8 model with a larger display, according to DSCC's Ross Young and Haitong International Securities's Jeff Pu. In October last year, Young suggested that the Apple Watch Series 8 could come in three display sizes. Now, responding to a query about the rumor on Twitter, Young claims that the additional display size joining the Apple Watch lineup will be ...
Read Full Article165 comments
macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
Read Full Article325 comments