Browsers will block HTTPS sites still using insecure TLS 1.0 or TLS 1.1 protocols starting this month

Over 850.000 websites that still use the insecure TLS 1.0 or TLS 1.1 HTTPS protocols will have problems getting visitors starting this month, when browsers will drop support for these old and unsecure protocols.

These protocols were released ages ago, in 1996 and 2006 respectively and are using weak cryptographic protocols that were proved to be vulnerable in attacks like POODLE, BEAST, LUCKY 13, CRIME or SWEET 32. These attacked allowed malicious people to decrypt HTTPS traffic that was supposed to be confidential.

New versions of these protocols were launched in 2008 (TLS 1.2) and 2018 (TLS 1.3), both of them being considered superior and much safer than TLS 1.0 or TLS 1.1.

These blocking move from the browsers was announced back in 2018, when the four biggest browser makers (Mozilla, Google, Microsoft and Apple) got together and announced their plan of dropping support for TLS 1.0 and TLS 1.1 in the spring of 2020.