Geeks for your information News Browsers News & Tips v
Mozilla re-enables TLS 1.0 and 1.1 because of Coronavirus (and Google)
Mozilla re-enables TLS 1.0 and 1.1 because of Coronavirus (and Google)
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,714
Threads: 9,641
Thanks Received: 9,085 in 7,235 posts
Thanks Given: 9,886
Joined: 12 September 18
#1
Information  22 March 20, 09:31
Quote:
[Image: firefox-74-tls-mozilla.png]

Mozilla released Firefox 74.0 Stable to the public on March 10, 2020. The new version of Firefox came with a number of changes and improvements; among them the deprecation of the security protocols TLS 1.0 and TLS 1.1 in the Firefox web browser.

The functionality has not been removed from Firefox but the default status of both protocols has been set to disabled in Firefox 74.0 by Mozilla.

A consortium of browser makers, among them Mozilla, Google, Microsoft and Apple, vowed to remove TLS 1.0 and 1.1 from their browsers in order to improve the security and performance of Internet connections by relying on TLS 1.2 and TLS 1.3 for secure connections.

Mozilla has re-enabled TLS 1.0 and 1.1 in the Firefox Stable and Beta browser; it is unclear when Mozilla did that but an update on the Firefox release notes page highlights why the protocols have been enabled again. Mozilla notes:

Quote:We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information.

According to the update posted on the release notes page, Mozilla made the decision because some government sites still rely on the old protocols. Mozilla does not provide any examples of government sites that still rely on these dated protocols.

The organization's Site Compatibility site offers more details:

Mozilla is going to temporarily re-enable the TLS 1.0/1.1 support in Firefox 74 and 75 Beta. The preference change will be remotely applied to Firefox 74, which has already been shipped. This is because many people are currently forced to work at home and relying on online tools amid the novel coronavirus (COVID-19) outbreak, but some of critical government sites still don’t support TLS 1.2 yet.

A new bug on Mozilla's bug tracking site provides additional information and another reason entirely. Mozilla highlights that Google postponed Chrome releases and that it is unlikely that Google will disable TLS 1.0 and 1.1 in the Chrome browser for the time being and that this would leave Firefox as the sole browser with the protocols disabled in the Stable version.

The consequence is that Mozilla re-enabled TLS 1.0 and 1.1 in Firefox Stable and Firefox Beta. Firefox users may still disable the protocols manually in the browser by setting the preference security.tls.version.min to 3 to allow TLS 1.2 or higher only.

Now You: What is your take on the decision?
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Google Chrome 137.0.7151.103/.104
Google Chrome 137....harlan4096 — 09:35
Thunderbird version 139.0.2 (stable rele...
Thunderbird versio...harlan4096 — 09:26
Emsisoft Anti-Malware 2025.5.0.12672
Changes in 2025.5....harlan4096 — 07:22
Android Security Bulletin—June 2025
Android Security B...harlan4096 — 07:13
Audacity 3.7.4
Audacity 3.7.4​ ...harlan4096 — 07:11

[-]
Birthdays
Today's Birthdays
avatar (39)Julioagopy
avatar (49)aolaupitt2558
Upcoming Birthdays
avatar (38)Tedscolo
avatar (45)brakasig
avatar (44)JamesReshy
avatar (46)Francisemefe
avatar (39)leoniDup
avatar (38)Patrizaancem
avatar (38)biobdam
avatar (39)storoBox
avatar (47)kinotHeemn
avatar (38)Ceballos1976
avatar (39)efynu
avatar (31)horancos

[-]
Online Staff
There are no staff members currently online.

>