Web browser, and I believe that the Internet is a day you are not familiar with, you know the world's most mainstream browser vendors which four it?
The answer is: ① Google (Chrome) ② Microsoft (IE and Edge) ③ Apple (Safari) ④ Mozilla (Firefox)
In terms of security and privacy, these four Web browser vendors earlier this year formally introduced a Real tacit decision that since March 2020, to stop support TLS 1.1 and TLS 1.0 version of security protocol.
By then Google (Chrome), Mozilla (Firefox), Microsoft (IE and Edge), Apple (Safari) will release a new version of the browser execute this strategy.
Time dating back to 2018, the four giant Web browser (Apple, Google, Mozilla, Microsoft) issued an unprecedented joint statement, announced it was banning decided to support TLS 1.0 and TLS 1.1 in early 2020. This means that TLS 1.2 will actually become the default settings of the mainstream, major browsers and Web site will encourage companies to increase support for TLS 1.3 as soon as possible.
Maybe you have a series of black question marks, TLS is the what? TLS play what role in the security browser transmission? TLS and SSL What is the difference? Why TLS 1.1 and TLS 1.0 protocols to be banned it?
First, we need to begin ...... TLS
Read news, send and receive e-mail, e-learning, e-commerce ...... the Internet, it is because of encryption technology, SSL (Secure Sockets Layer) and TLS (Transport Layer Security), in particular, TLS, precisely because of this critical technology to provide online privacy of communication, effectively prevent data loss and data leakage site, the Internet boom was showing this today as we know it.
TLS vs SSL: data transmission security bodyguard
The Internet today consists of seven levels consisting of: a physical layer, data link layer, network layer, transport layer, session layer, presentation layer, application layer. The application layer is the most abstract level, is closest to the end-user level. SSL / TLS is designed for use in a computer network to provide secure encrypted communications protocol between the application layer and the transport layer interposed. It is to address security issues through the transmission of a "handshake agreement" and "transport protocol." This process ensures that end users use the network services, security and confidentiality of communications. Currently, more than 70% of Internet traffic is protected by SSL / TLS.
SSL (Secure Sockets Layer Protocol Secure Sockets Layer) is the TCP / IP protocol between the various application layer protocols, to provide support for security protocols for data communication, it is mainly through the encryption means to ensure security of data transmission.
The TLS (Transport Layer Security Transport Layer Security) excel, to inherit the advantages of SSL, the SSL protocol is the IETF (Internet Engineering Task Force) protocol normalized. Therefore, when we talk about TLS and SSL, a very important concept is an older version of the SSL protocol, TLS is successor of SSL is more secure upgraded version of SSL, encryption is the contemporary standard protocol.
TLS protection standard for communication between the Web application and the Web browser, typically located between the client and the application on a reliable transport layer. TLS HTTP protocol stack so that increased security for encrypted transmission data into the current large-scale use HTTPS, all data can be transmitted using HTTPS protected by Transport Layer Security (TLS).
Development of TLS
● In 1994, NetScape designed the protocol SSL (Secure Sockets Layer) version 1.0, but not published.
● 1995 Nian, NetScape released SSL version 2.0, soon discovered that there are serious flaws.
● In 1996, SSL version 3.0 the advent of large-scale application.
● In 1999, SSL upgraded version of the TLS version 1.0, TLS 1.0 protocol birth
● In 2006, TLS 1.1 protocol was launched
● In 2008, TLS 1.2 protocol officially released
● 2019 Nian, IETF (Internet Engineering Task Force) in August officially released TLS 1.3, represents a big leap in the overall security
● 2019 years, the Payment Card Industry Data Security Standard (PCI DSS) forced to cancel the payment card industry for TLS 1.0 support, and strongly recommend cancellation of support for TLS 1.1.
● In 2020, Google Chrome, Microsoft IE, Apple Safari, Firefox Firefox to stop support TLS 1.1 and TLS 1.0 version of the security protocol, TLS 1.2 as the default setting.
TLS 1.0 and TLS 1.1 protocols why gradually be abandoned?
The main reason: extremely unsafe. There are currently four TLS protocol version --TLS1.0,1.1,1.2 1.3 (the latest version) and. TLS 1.0 and TLS 1.1 versions of two old protocol using an outdated encryption algorithms and systems, such as SHA-1 and MD5, these algorithms and the system is very fragile, there are significant security vulnerabilities, likely to be seriously affected downgrade ***, for example, POODLE and BEAST.
Apple, Google and Microsoft have said that the impact of this decision may be produced minimal, since only a small portion of the connector Safari, Chrome, Edge and Internet Explorer browsers still in use TLS 1.0 or TLS 1.1. So far, since most sites support TLS 1.2 or TLS 1.3 version of the protocol, so in addition to some long no update server architecture industry, the average Internet user's browser will not encounter much problems.
Figure: Alexa Top 100,000 websites supported protocols specific circumstances
Recommendation: site owners deploy SSL certificate for the server after installation, open support TLS 1.2 or later, or encryption protocol can be.
How to quickly detect my TLS version?
Certificates can be deployed by detecting website: MySSL.com, TLS version at a glance
✭ view the browser SSL / TLS compatibility ✭
Open MySSL.com → click on the "Toolbox" menu → choose "SSL client detection" can be successfully detected
↓↓↓
FIG: detecting with Chrome FIG example (the same applies to other browsers)
✭ View website supports protocol version ✭
Open MySSL.com → directly in the address bar of HTTPS sites need to detect → generated detection information to see "an agreement with the kit"
↓↓↓
