Mozilla disables TLS 1.0 and 1.1 in Firefox Nightly in preparation of deprecation

[Karlston]

Mozilla disables TLS 1.0 and 1.1 in Firefox Nightly in preparation of deprecation

Firefox maker Mozilla disabled support for the protocols TLS 1.0 and TLS 1.1 in recent versions of the Firefox Nightly web browser.

 

Major browser makers such as Mozilla and Google announced in 2018 that support for the decade-old standards would be dropped in 2020 to improve the security and performance of Internet connections. Back then it was revealed that TLS 1.1 was used by 0.1% of all Internet connections; the number has likely gone done in the meantime.

 

Transport Layer Security (TLS) is a security protocol used to encrypt Internet traffic; TLS 1.3 Final was published in 2018 and companies started to integrate the final version into browsers shortly thereafter.

 

Mozilla started to enable TLS 1.3 in Firefox Stable in 2018, and other browser makers such as Google added support for the new protocol version as well.

 

Tip: here is a way to determine if your browser supports TLS 1.3 and other security features.

Firefox and TLS 1.0 and 1.1 deprecation

 

Mozilla disabled support for TLS 1.0 and TLS 1.1 in Firefox Nightly in preparation for the deprecation in Firefox Stable in 2020. A quick check on a SSL Labs test site confirms that TLS 1.2 and 1.3 are the only supported protocols by the browser.

 

Sites that support TLS 1.0 and/or TLS 1.1 but not TLS 1.2 or newer will fail to load and throw a "secure connection failed" error instead. The error code is SSL_ERROR_UNSUPPORTED_VERSION.

 

 

Firefox users may override the limitation in the following way currently but that option will likely go away once the change lands in Firefox Stable in early 2020.

1. Load about:config in the web browser's address bar.
2. Confirm that you will be careful.
3. Search for security.tls.version.min. The default value of the preference is set to 3 which means that Firefox accepts TLS 1.2 and higher only.
4. Change the value to 2 to add support for TLS 1.1, or to 1 to add support for TLS 1.0.

The screenshot below shows the default value of the preference.

 

 

Sites, including the dashboard of modems, routers and other local peripheral devices, that support only TLS 1.1 or TLS 1.0 will load after you make the change.

Closing Words

TLS 1.0 and 1.1 support will be removed from browsers in early 2020. While that should mean minimal interruption for most users, some, especially those working in local Intranets and other non-Internet environments, may run into issues connecting to certain sites and devices that don't support newer protocol versions for one reason or another.Some browsers may keep support for TLS 1.0 and 1.1 enabled, and it is also possible to use an older version of a browser to connect to these sites.

 

 

Source: Mozilla disables TLS 1.0 and 1.1 in Firefox Nightly in preparation of deprecation (gHacks - Martin Brinkmann)