Microsoft postpones TLS 1.0 and 1.1 deprecation to second half of 2020


Microsoft announced yesterday that its plan to disable the security protocols TLS 1.0 and TLS 1.1 in the company’s browsers has been postponed. The company wanted to disable the security protocols in the first half of 2020 initially but decided to postpone this in light of current global events.

All major browser makers pledged to disable the aging security protocols TLS 1.0 and 1.1 in the first half of 2020. Some, like Mozilla, went ahead with the change but reverted it when it became clear that some government sites still relied on these protocols. Users of Firefox could not access these sites anymore because of the disabled protocols. Mozilla re-enabled the protocols to make sure that Firefox users worldwide are able to access important sites in a time of crisis.

Microsoft’s updated plan for discontinuing support for TLS 1.0 and 1.1 is as follows:

  • New Chromium-based Microsoft Edge: TLS 1.0 and 1.1 will be disabled by default “no sooner than Microsoft Edge version 84”. The browser is scheduled for a July 2020 release.
  • Classic Microsoft Edge browser: TLS 1.0 and 1.1 will be disabled by default on September 8, 2020.
  • Microsoft Internet Explorer 11: TLS 1.0 and 1.1 will be disabled by default on September 8, 2020.

Options are provided to enable TLS 1.0 and 1.1. if required. Users find settings to enable TLS 1.0 and TLS 1.1 in the Internet Options under Advanced.

tls 1.0 1.1 internet options

Administrators may also change the settings in the Windows Registry. Here is how that is done:

  1. Open the Windows Registry Editor, e.g. by using Windows-R to open the run box, typing regedit.exe, and hitting the Enter-key.
  2. Confirm the UAC prompt that is spawned.
  3. Go to HKLM SYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols
  4. For TLS 1.0, do the following:
    1. If you don’t see a TLS 1.0 entry, create one by right-clicking on Protocols and selecting New > Key. Name the key TLS 1.0.
    2. Right-click on TLS 1.0 and select New > Key. Name it Client.
    3. Right-click on the newly created Client key and select New > Dword (32-bit) Value. Name it Enabled.
    4. The default value is 0 which means that TLS 1.0 is disabled. To enable it, set the value to 1 instead.
  5. For TLS 1.1, do the following:
    1. f you don’t see a TLS 1.1 entry, create one by right-clicking on Protocols and selecting New > Key. Name the key TLS 1.1.
    2. Right-click on TLS 1.1 and select New > Key. Name it Client.
    3. Right-click on the newly created Client key and select New > Dword (32-bit) Value. Name it Enabled.
    4. The default value is 0 which means that TLS 1.0 is disabled. To enable it, set the value to 1 instead.
  6. Exit the Registry Editor and restart Windows.

You can use a service such as the SSL/TLS Client Text by Browserleaks to list the supported protocols of the browser.

Now You: Have you visited sites recently that rely on these older protocols?

Thank you for being a Ghacks reader. The post Microsoft postpones TLS 1.0 and 1.1 deprecation to second half of 2020 appeared first on gHacks Technology News.



Source link

Leave a Reply

Do NOT follow this link or you will be banned from the site!