Beginning in March, when Firefox 74 is set to arrive in the release channel, Mozilla will disable older Transport Layer Security (TLS) protocol versions as default options for secure connections.
An improvement over the Secure Sockets Layer (SSL) protocol, TLS is meant to improve the security of the Web, but flaws and weaknesses in older iterations, specifically TLS 1.0 and TLS 1.1, render connections vulnerable to attacks such as BEAST, CRIME and POODLE.
Mozilla has already introduced the change in Firefox Beta 73, in which the minimum TLS version allowable by default is TLS 1.2. Users shouldn’t notice any connection errors when accessing websites that support TLS 1.2 and up.
However, because a TLS version mismatch will occur when a website does not support the newer versions of the protocol, users are given the option to fall back to TLS 1.0 or TLS 1.1 via an override button on the error page.
“As a user, you will have to actively initiate this override. But the override button offers you a choice. You can, of course, choose not to connect to sites that don’t offer you the best possible security,” Thyla van der Merwe, cryptography engineering manager at Mozilla, notes in a blog post.
Van der Merwe encourages operators to upgrade their servers to ensure they provide a secure experience to their users, especially since plans to deprecate TLS 1.0 and TLS 1.1 were announced over a year ago.
Firefox 74, which is expected to arrive in the stable channel on March 10 — Mozilla has shifted to a 4-week release cycle — will require TLS 1.2 as the minimum version for secure connections. Users will still be provided with the override button and Mozilla will gather data on how often this button is used.
“These results will then inform our decision regarding when to remove the button entirely. It’s unlikely that the button will stick around for long. We’re committed to completely eradicating weak versions of TLS because at Mozilla we believe that user security should not be treated as optional,” van der Merwe concludes.