Firefox re-enables TLS 1.0 and 1.1 to improve access to government sites that transmit new coronavirus information
"TLSIs a type of protocol for data communication requiring security in networks such as the Internet. Older versions of TLS, TLS1.0 and TLS1.1, were noted to have numerous vulnerabilities, and major browsers have disabled TLS1.0 and TLS1.1 to improve security. I have decided. Firefox developed by Mozilla also invalidated TLS 1.0 and TLS 1.1 with “ Firefox 74 '' released officially on March 11, 2020, but “ TLS 1 again due to the influence of the new coronavirus infection .0, TLS1.1 enabled. "
Firefox 74.0, See All New Features, Updates and Fixes
TLS 1.0 / 1.1 support has been removed (Reverted) | Firefox Site Compatibility
Mozilla re-enables TLS 1.0 and 1.1 because of Coronavirus (and Google)-gHacks Tech News
SSLTLS, which has been developed as a successor to Around 1999, provides functions such as encryption of communication using public key certificates and private key encryption, and tampering detection using hash functions, enabling secure transmission and reception of data. It has become. However, it has been pointed out that TLS1.0 and TLS1.1, which are older versions of TLS, have a number of vulnerabilities, and major browsers such as Google Chrome, Safari, Microsoft Edge, Internet Explorer, and Firefox say, "TLS1.0 And support for TLS1.1 will end in the first half of 2020. "
Even in 2018, TLS1.2, which was already announced in 2008 as the next version of TLS1.1, was widely used, and 94% of websites supported TLS1.2. Since 98% or more of data communication performed by Firefox is performed by TLS 1.2 or TLS 1.3,Mozilla Security BlogStates that "twenty years on the Internet is forever", stating that support for TLS1.0 and TLS1.1 must be discontinued soon.
And on March 11, 2020, Mozilla released the official version of Firefox 74, finally disabling TLS 1.0 and 1.1 by default. With this change, an error message is now displayed when accessing websites that do not support TLS 1.2 or later.
However, on March 21, just 10 days after the official release of "Firefox 74", it is a technology news sitegHacks"Firefox has reinstated support for TLS1.0 and TLS1.1."
Looking at the official page describing the changes in "Firefox 74", the part that marked the change that TLS 1.0 and TLS 1.1 support has ended is crossed out, and "Share information on COVID-19" The duration is undecided, but we have reverted the changes to make access to important government sites more effective. "
According to Mozilla, many government websites do not support TLS1.2, although many websites support TLS1.2 or later. For this reason, it has prioritized giving people access to information about the new coronavirus infection, and has reinstated support for TLS1.0 and TLS1.1.
Mozilla is not the only browser whose initial schedule has changed due to the spread of the new coronavirus infection. Chrome has already been suspended due to the impact of the new coronavirus update, and the impact is appearing everywhere.
by Tati Tata