Stefan Mileschin

Government sites are not upgraded

Big Cheeses in the Mozzarella Foundation have reenabled support for the insecure TLS 1.0 and TLS 1.1 in the latest version of Firefox.

Apparently it is necessary to maintain access to government sites with COVID19 information that haven't yet upgraded to TLS 1.2 or TLS 1.3.

A spokesMozzarella said: "We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information.”

TLS 1.0 and TLS 1.1 support was dropped with the release of Firefox 74.0 on March 10 to improve the security of website connections, with sites that don't support TLS 1.2 or TLS 1.3 to show a "Secure connection failed" error page instead of their contents and an override 'Enable TLS 1.0 and 1.1' button for that web site connection.

In October 2018, all major browser makers including Microsoft, Google, Apple, and Mozilla announced the retirement of the TLS 1.0 and TLS 1.1 protocols released over a decade ago.

With more than 97 percent of the sites surveyed by Qualys SSL Labs supporting TLS 1.2 and TLS 1.3, the decision to retire the two protocols in favor of newer and better supported TLS 1.3 and TLS 1.3 is logical as they can provide a more secure path.

Firefox had the largest amount of connections, with 1.2% of all connections using TLS 1.0 or 1.1.

Netcraft reported at the beginning of March 2020, over 850,000 websites are still using the outdated and insecure TLS 1.0 and TLS 1.1 protocols that expose users to a wide range of cryptographic attacks leading to their web traffic being decrypted by attackers.

https://fudzilla.com/news/50527-fire...-0-and-tls-1-1