Apple today announced on its WebKit blog that it is ending support for TLS 1.0 and 1.1 starting in March 2020. TLS, or Transport Layer Security, is a security protocol used to protect web traffic.
Ahead of the planned deprecation, Apple recommends apps adopt TLS 1.2, which offers "security fit for the modern web." Upgrading from TLS 1.0 and 1.1 provides the following benefits, according to Apple:
- Modern cryptographic cipher suites and algorithms with desirable performance and security properties, e.g., perfect forward secrecy and authenticated encryption, that are not vulnerable to attacks such as BEAST.
- Removal of mandatory and insecure SHA-1 and MD5 hash functions as part of peer authentication.
- Resistance to downgrade-related attacks such as LogJam and FREAK.
TLS 1.2 is the standard on Apple platforms and already represents 99.6 percent of connections made from Safari. Apple says TLS 1.0 and 1.1 account for less than 0.36 percent of all connections.
Other browsers, including Firefox, Chrome, and Microsoft's Edge, are also planning to drop TLS 1.0 and 1.1 support starting in early 2020.
Top Rated Comments
Curious to know what would happen to the small amount of apps/pages that don't update to TLS 1.2? Will they just stop working?
Essentially.Which is a good thing.
Guess I’ll be stuck using ancient versions of chrome/Firefox for a while longer. I get the reasons, but there are use cases in the enterprise realm where we need to connect to ancient internal systems. It’s not always easy upgrading a server due to various compatibility requirements.
The sad part is that if one brings it up to management, they would see 2020 as very far away and would never prioritize such an upgrade, even if it was easy.Then when 2020 comes, big surprise and everyone starts running like chicken without their heads...
Curious to know what would happen to the small amount of apps/pages that don't update to TLS 1.2? Will they just stop working?
Yes. The browser would deny the request because it can not negotiate a secure connection.