Mozilla, the maker of the Firefox browser, announced it is moving to “eradicate” the weak TLS 1.0 and 1.1 HTTPS standard, The Register reported. Apple made a similar announcement in October 2018.
From next month, users hitting a site running TLS 1.0 or 1.1 will not connect immediately, but see a warning screen stating: “Secure connection failed.” There is an option to override this, in which case it will be overridden for all sites. Thyla van der Merwe, cryptography engineering manager at Mozilla, said: “We plan to keep the override button for now; the telemetry we’re collecting will tell us more about how often this button is used. These results will then inform our decision regarding when to remove the button entirely. It’s unlikely that the button will stick around for long. We’re committed to completely eradicating weak versions of TLS.”