30 October 2018
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Maintained by Hanno Böck.
The four largest browser vendors—Google, Microsoft, Mozilla, and Apple—have all announced that in 2020 they want to deprecate old TLS protocol versions 1.0 and 1.1. Webmasters should make sure that they support at least TLS 1.2, or ideally the latest version, TLS 1.3.
Although TLS 1.0 and 1.1 do have some security issues, it’s debatable how severe they are. TLS 1.0 is vulnerable to the BEAST attack, but that can be mitigated relatively easily by clients. Both TLS 1.0 and 1.1 use insecure hash functions like MD5 and SHA-1, a detail that has been explored in the SLOTH attack.
Browser vendors still have not moved to deprecate weak cipher modes that are still supported in TLS 1.2—notably, CBC/HMAC with MAC-then-encrypt and the static RSA handshake. However, Google’s announcement indicates that further deprecations will follow and recommends supporting AEAD modes and the ECDHE key exchange.
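The recommendations above (at least TLS 1.2, AEAD modes, ECDHE key exchange) can be applied and checked with Python's `ssl` module. This is an added example, not part of the original newsletter; the function names and the `LEGACY_*` sample data are constructed for illustration.

```python
import ssl

def hardened_server_context():
    """Server-side context: TLS 1.2 or newer, ECDHE key exchange, AEAD ciphers."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuses TLS 1.0 and 1.1
    # OpenSSL cipher string for the TLS 1.2 suites. TLS 1.3 suites are managed
    # separately by OpenSSL and are AEAD with ephemeral key exchange by design.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx

def audit(min_version, ciphers):
    """Return (item, issue) pairs for a minimum protocol version and a cipher
    list shaped like the output of SSLContext.get_ciphers()."""
    findings = []
    if min_version < ssl.TLSVersion.TLSv1_2:
        findings.append((min_version.name, "protocol older than TLS 1.2 allowed"))
    for c in ciphers:
        if c.get("kea") == "kx-rsa":
            findings.append((c["name"], "static RSA key exchange"))
        if not c.get("aead"):
            # In TLS 1.2 these are mostly CBC suites with MAC-then-encrypt HMAC.
            findings.append((c["name"], "non-AEAD cipher"))
    return findings

# Constructed sample of a legacy configuration, using the same keys that
# get_ciphers() reports on OpenSSL 1.1 and newer.
LEGACY_MIN = ssl.TLSVersion.TLSv1
LEGACY_CIPHERS = [
    {"name": "AES128-SHA", "kea": "kx-rsa", "aead": False},
    {"name": "ECDHE-RSA-AES256-SHA384", "kea": "kx-ecdhe", "aead": False},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "kea": "kx-ecdhe", "aead": True},
]

if __name__ == "__main__":
    for item, issue in audit(LEGACY_MIN, LEGACY_CIPHERS):
        print(f"legacy:   {item}: {issue}")
    ctx = hardened_server_context()
    remaining = audit(ctx.minimum_version, ctx.get_ciphers())
    print("hardened:", remaining or "no findings")
```

A real server would also call `load_cert_chain()` on the context before accepting connections.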
It’s noteworthy that four major browser vendors have coordinated their efforts to deprecate old encryption protocols. This is likely due to past discussions in which such deprecations were met with resistance: when one browser vendor moves ahead on its own, users may switch to another browser. Although the vendors’ timelines aren’t fully aligned, the coordinated deprecation will make such scenarios less worrying for them.