Mozilla Firefox will require user intervention to connect to websites using the TLS 1.0 or 1.1 protocol from March 2020 – and plans to eventually block those weak HTTPS connections entirely.
We have been hearing about issues with TLS 1.0 and 1.1 for some time. Web servers should really be using TLS 1.2 or 1.3 for their encrypted and secure HTTPS connections.
The PCI Data Security Standard (PCI DSS) for sites handling credit card transactions has required at least TLS 1.1 since 1 July 2018. That said, it is not until March this year that most users will see more than a warning in their web browser, and some browsers do not show any warning. We took a look at a website running TLS 1.0 in a variety of web browsers today. Of these:
- Google Chrome 80 states: "Your connection to this site is not fully secure. This site uses an outdated security configuration."
- Firefox 72 warns: "Connection not secure. This page uses weak encryption."
- Safari 12.1 displays no warning and says: "Safari is using an encrypted connection."
- Microsoft Edge Chromium displays no warning and says: "Connection is secure."
- Microsoft IE 11 displays no warning and says: "This connection to the server is encrypted" (though you can block these protocols in Internet Options).
- Brave 1.2.43 displays no warning and says: "Connection is secure."
- Vivaldi 2.10.1745 displays no warning and says: "Connection is secure."
This is all about to change. Apple said: "Complete support will be removed from Safari in updates to Apple iOS and macOS beginning in March 2020." Google has said it will remove support for TLS 1.0 and 1.1 in Chrome 81 (expected on March 17). Microsoft said it would do the same "in the first half of 2020".
Mozilla has now spelled out its approach. From next month, users hitting a site running TLS 1.0 or 1.1 will not connect immediately, but see a warning screen stating: "Secure connection failed." There is an option to override this, in which case it will be overridden for all sites.
Thyla van der Merwe, cryptography engineering manager at Mozilla, said: "We plan to keep the override button for now; the telemetry we're collecting will tell us more about how often this button is used. These results will then inform our decision regarding when to remove the button entirely. It's unlikely that the button will stick around for long. We're committed to completely eradicating weak versions of TLS."
A user has already queried why Firefox will not allow the override on a per-site basis. "We decided on a global fallback," said van der Merwe, without explaining why.
Will this cause problems? According to SSL Pulse, which gives TLS version stats based on the top 150,000 most visited websites, 96.8 per cent support TLS 1.2. That said, 71.5 per cent also still support TLS 1.1 and 61.5 per cent TLS 1.0, so a client that prefers, or only speaks, those older versions can still negotiate them with most servers. It is the browsers dropping the old versions, not the servers, that will finally close that door.
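Admins who want to know where their own servers stand on those figures can ask them directly. The script below is an added example, not part of the article: it uses the standard `openssl s_client` command to attempt one handshake per protocol version, offering only that version each time, and classifies the transcript. The host and port are whatever you pass in; the sample transcripts at the bottom are constructed for the offline self-check, not captured from any real site.

```shell
#!/bin/sh
# Added example: probe which TLS versions a server will negotiate, one
# openssl s_client handshake per version. Assumes `openssl` is on PATH and
# the target host is reachable on the given port.

# Run a single handshake that offers exactly one protocol version and
# return the raw s_client transcript. `</dev/null` closes stdin so
# s_client exits after the handshake instead of waiting for input.
# -servername sends SNI, which matters on virtual-hosted servers whose
# TLS policy differs per name.
probe_version() {
    pv_host=$1; pv_port=$2; pv_flag=$3
    openssl s_client -connect "$pv_host:$pv_port" -servername "$pv_host" \
        "$pv_flag" </dev/null 2>&1
}

# Classify one transcript. Three outcomes matter:
#   supported       - a handshake completed; s_client prints
#                     "New, TLSv1.2, Cipher is ..." (or TLSv1.3)
#   rejected        - the server refused; s_client prints
#                     "New, (NONE), Cipher is (NONE)" plus an alert/error
#   client-disabled - this openssl build will not even offer the version
#                     (OpenSSL 3 at its default security level refuses
#                     TLS 1.0/1.1 with "no protocols available"; old builds
#                     do not know -tls1_3), so the result says nothing
#                     about the server
classify() {
    case $1 in
        *"no protocols available"*)  echo client-disabled ;;
        *"Unknown option"*|*"unknown option"*) echo client-disabled ;;
        *"New, TLSv1"*)              echo supported ;;
        *)                           echo rejected ;;
    esac
}

# Probe TLS 1.0 through 1.3 and print one verdict per line.
probe_all() {
    pa_host=$1; pa_port=${2:-443}
    for pair in "TLS1.0:-tls1" "TLS1.1:-tls1_1" "TLS1.2:-tls1_2" "TLS1.3:-tls1_3"; do
        pa_name=${pair%%:*}; pa_flag=${pair##*:}
        printf '%-8s %s\n' "$pa_name" \
            "$(classify "$(probe_version "$pa_host" "$pa_port" "$pa_flag")")"
    done
}

# Constructed transcripts (not real captures) so classify() can be
# exercised without network access.
SAMPLE_OK='New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
SSL-Session:
    Protocol  : TLSv1.2'
SAMPLE_REJECTED='error:0A000102:SSL routines::unsupported protocol
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : TLSv1'
SAMPLE_NO_PROTO='error:0A0000BF:SSL routines::no protocols available'

# Returns 0 if the classifier gives the expected verdict on each sample.
self_check() {
    [ "$(classify "$SAMPLE_OK")" = supported ] &&
    [ "$(classify "$SAMPLE_REJECTED")" = rejected ] &&
    [ "$(classify "$SAMPLE_NO_PROTO")" = client-disabled ]
}

# Usage: sh probe_tls.sh example.com [443]
if [ $# -gt 0 ]; then
    probe_all "$@"
fi
```

Note that the "rejected" transcript still carries a "Protocol  : TLSv1" line in its SSL-Session block, because s_client reports the version it asked for, not one it negotiated; that is why the classifier keys on the "New, TLSv1..., Cipher is" line instead. If your local openssl reports client-disabled for 1.0 and 1.1, add `-cipher 'DEFAULT:@SECLEVEL=0'` to the probe to lower its security level for the test, or run the check from a host with an older build; a server that answers "supported" for TLS 1.0 or 1.1 is one that still needs its configuration tightened.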
The great majority of sites are therefore ready for the change. Applications can still break, though, if they connect to web services and only offer a deprecated TLS version. For example, apps built on .NET Framework 4.5 and below do not offer TLS 1.2 by default (4.6 and later do) and may start throwing connection errors once a server drops 1.0 and 1.1; on 4.5 it has to be enabled explicitly, either in code via ServicePointManager.SecurityProtocol or system-wide with the SchUseStrongCrypto registry setting. It is another reason to upgrade legacy applications. Another problem is old mobile phones. Android did not support TLS 1.2 until version 4.1 (Jelly Bean) in 2012, and did not enable it by default for client connections until 5.0 (Lollipop), so apps on older handsets may need to opt in.
In the unlikely event that admins have neglected to upgrade web servers to support at least TLS 1.2, March 2020 will be the wake-up call. ®