[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: Re: [TLS] TLS 1.0
From: Hubert Kario <hkario () redhat ! com>
Date: 2018-01-10 13:50:19
Message-ID: 3993270.A1ar6zFAzh () pintsize ! usersys ! redhat ! com
[Download RAW message or body]
On Tuesday, 9 January 2018 20:48:29 CET Ilari Liusvaara wrote:
> On Tue, Jan 09, 2018 at 08:52:25AM -0800, Jason Mitchell wrote:
> > Hello,
> >
> > I'm actually looking for a list of browsers that still support TLS 1.0.
> > Any information that you can provide would be greatly appreciated.
>
> I think all browsers (outside some research stuff) support TLS 1.0.
> After all, TLS 1.0 is still the most widely implemented TLS version
> in the web serverside (TLS 1.2 is projected to overtake it in a few
> months).
>
> Basically, not supporting TLS 1.0 would cause horrible failure rates
> (and this also goes for some other very broken stuff like static RSA).
>
>
> This certainly includes the newest versions of (the full list would be
> pretty much the same as list of browsers):
>
> - Firefox (and its derivates)
> - Chrome (and Chromium)
> - Internet Explorer
> - Opera
> - Edge
> - Safari
> - Konqueror
>
> And many lesser-known browsers.
>
>
> On the positive side, even semi-recent versions of all the listed
> browsers do support TLS 1.2.
>
>
> (Debian unstable a few months ago was such that if you installed
> Konqueror from the repository, TLS 1.0 was hard-disabled in it).
There is plan to disable TLS 1.0 and TLS 1.1 in Fedora 28:
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
Debian unstable did that for OpenSSL already:
https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html
So 2018 may be the first year we see at least some major browsers deployed
with TLS 1.0 support disabled by default.
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic