Apple to Deprecate TLS 1.0 and 1.1 in Safari Beginning March 2020

Apple to Deprecate TLS 1.0 and 1.1 in Safari Beginning March 2020

Posted by · 5727 views · Translate

Apple has announced that it will begin deprecating support for TLS (Transport Layer Security) 1.0 and 1.1 in Safari beginning March 2020. TLS is a security protocol used to provide confidentiality and integrity of data in transit between clients and servers exchanging (often sensitive) information.

We are deprecating support for TLS 1.0 and 1.1. Complete support will be removed from Safari in updates to Apple iOS and macOS beginning in March 2020. Firefox, Chrome, and Edge are also planning to drop TLS 1.0 and 1.1 support at that time. If you own or operate a web server that does not support TLS 1.2 or newer, please upgrade now. If you use legacy services or devices that cannot be upgraded, please let us know by contacting our Web Technologies Evangelist or by filing a bug report with details.

Apple notes that using TLS 1.2, a more secure version of the protocol, provides many benefits, including:
● Modern cryptographic cipher suites and algorithms with desirable performance and security properties, e.g., perfect forward secrecy and authenticated encryption, that are not vulnerable to attacks such as BEAST.
● Removal of mandatory and insecure SHA-1 and MD5 hash functions as part of peer authentication.
● Resistance to downgrade-related attacks such as LogJam and FREAK.

99.6% of all TLS connections made from Safari now use TLS 1.2. With the finalization of TLS 1.3 in August, Apple believes legacy TLS connections will drop even further. Additionally, the company indicates that TLS 1.2 is required for HTTP/2 which provides significant performance improvements for the web.

More details at the link below!

Read More


Apple to Deprecate TLS 1.0 and 1.1 in Safari Beginning March 2020

Recent