More than 850,000 sites are still using the old TLS 1. 0 and 1. 1 protocol, as planned, most major browsers, such as Chrome and Firefox, will stop supporting older protocols later this month. According to a report released today by Netcraft, a British technology company, the main areas involved include banks, governments, news agencies, telecommunications, e-commerce stores and internet communities.
The report says 850,000 websites use HTTPS, but the version is too low. Because these sites are built based on TLS 1. 0 and TLS 1. 1 Protocol for the httpS connection of the encryption certificate.
TLS 1. 0 and TLS 1. 1 The old version of the protocol, released in 1996 and 2006, uses a weak encryption algorithm. In 2008 and 2017, new versions of the agreement were released, divided into TLS 1. 2 and TLS 1.3 are undoubtedly better than older versions and are safer to use.
TLS 1 in Spring 2018. Following the release of the 3 release, the big four browser makers, Apple, Google, Mozilla and Microsoft, jointly announced in October 2018 that they planned to eliminate TLS 1. 0 and TLS 1. 1 support.
These browsers began using TLS 1 last year. 0 and TLS 1. 1 The website is tagged with an “unsafe” logo on the URL address bar and lock icon, suggesting that the user’s HTTPS connection is not as secure as they thought.
Later this month, when users access the use of TLS 1. 0 or TLS 1. 1 site, the browser changes from showing a hidden warning to displaying an entire page error.
TLS 1.0/1.1 Website Displays Error in Chrome
With the release of Chrome 81 and Firefox74 later this month, sites with older protocols will display page errors, the report said. According to the original statement, Safari also plans to start this month without supporting TLS 1.0/1. 1 website, Microsoft will cancel the support for the old version after the Release of The Edge82 in April.
TLS 1.0/1.1 Website Displays Error in Firefox Browser
According to Netcraft’s scans, there are about 850,000 affected sites, of which more than 5,000 are ranked in the top 1 million sites in Alexa.
In response, Netcraft researchers say eliminating client support for these old protocols is the most effective way to ensure that their vulnerabilities no longer pose any risk. (zdnet)
(Original title: From March, multiple browsers will be prohibited from accessing 850,000 sites on The HTTPS website of TLS 1.0/1.1)