Transport Layer Security Adoption

From HandWiki

In applications design, Transport Layer Security (TLS) is usually implemented on top of Transport Layer protocols, encrypting all of the protocol-related data of protocols such as HTTP, FTP, SMTP, NNTP and XMPP.

Historically, TLS has been used primarily with reliable transport protocols such as the Transmission Control Protocol (TCP). However, it has also been implemented with datagram-oriented transport protocols, such as the User Datagram Protocol (UDP) and the Datagram Congestion Control Protocol (DCCP), usage of which has been standardized independently using the term Datagram Transport Layer Security (DTLS).

Websites

A primary use of TLS is to secure World Wide Web traffic between a website and a web browser encoded with the HTTP protocol. This use of TLS to secure HTTP traffic constitutes the HTTPS protocol.[1]

Website protocol support
Protocol
version 		Website
support[2] 		Security[2][3]
SSL 2.0 1.9% Insecure
SSL 3.0 7.6% Insecure[4]
TLS 1.0 68.0% Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.1 77.4% Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.2 95.2% Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.3 14.2% Secure
Notes
  1. 1.0 1.1 1.2 see § Cipher table above
  2. 2.0 2.1 2.2 see § Web browsers and § Attacks against TLS/SSL sections

Web browsers

Further information: Software:Comparison of web browsers

(As of April 2016), the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, and have them enabled by default. However, not all supported Microsoft operating systems support the latest version of IE. Additionally, many operating systems currently support multiple versions of IE, but this has changed according to Microsoft's Internet Explorer Support Lifecycle Policy FAQ, "beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates." The page then goes on to list the latest supported version of IE at that date for each operating system. The next critical date would be when an operating system reaches the end of life stage, which is in Microsoft's Windows lifecycle fact sheet.

There are still problems on several browser versions:

Mitigations against known attacks are not enough yet:

  • Mitigations against POODLE attack: some browsers already prevent fallback to SSL 3.0; however, this mitigation needs to be supported by not only clients but also servers. Disabling SSL 3.0 itself, implementation of "anti-POODLE record splitting", or denying CBC ciphers in SSL 3.0 is required.
    • Google Chrome: complete (TLS_FALLBACK_SCSV is implemented since version 33, fallback to SSL 3.0 is disabled since version 39, SSL 3.0 itself is disabled by default since version 40. Support of SSL 3.0 itself was dropped since version 44.)
    • Mozilla Firefox: complete (support of SSL 3.0 itself is dropped since version 39. SSL 3.0 itself is disabled by default and fallback to SSL 3.0 are disabled since version 34, TLS_FALLBACK_SCSV is implemented since version 35. In ESR, SSL 3.0 itself is disabled by default and TLS_FALLBACK_SCSV is implemented since ESR 31.3.)
    • Internet Explorer: partial (only in version 11, SSL 3.0 is disabled by default since April 2015. Version 10 and older are still vulnerable against POODLE.)
    • Opera: complete (TLS_FALLBACK_SCSV is implemented since version 20, "anti-POODLE record splitting", which is effective only with client-side implementation, is implemented since version 25, SSL 3.0 itself is disabled by default since version 27. Support of SSL 3.0 itself will be dropped since version 31.)
    • Safari: complete (only on OS X 10.8 and later and iOS 8, CBC ciphers during fallback to SSL 3.0 is denied, but this means it will use RC4, which is not recommended as well. Support of SSL 3.0 itself is dropped on OS X 10.11 and later and iOS 9.)
  • Mitigation against RC4 attacks:
    • Google Chrome disabled RC4 except as a fallback since version 43. RC4 is disabled since Chrome 48.
    • Firefox disabled RC4 except as a fallback since version 36. Firefox 44 disabled RC4 by default.
    • Opera disabled RC4 except as a fallback since version 30. RC4 is disabled since Opera 35.
    • Internet Explorer for Windows 7 / Server 2008 R2 and for Windows 8 / Server 2012 have set the priority of RC4 to lowest and can also disable RC4 except as a fallback through registry settings. Internet Explorer 11 Mobile 11 for Windows Phone 8.1 disable RC4 except as a fallback if no other enabled algorithm works. Edge and IE 11 disable RC4 completely in August 2016.
  • Mitigation against FREAK attack:
    • The Android Browser of Android 4 and older is still vulnerable to the FREAK attack.
    • Internet Explorer 11 Mobile is still vulnerable to the FREAK attack.
    • Google Chrome, Internet Explorer (desktop), Safari (desktop & mobile), and Opera (mobile) have FREAK mitigations in place.
    • Mozilla Firefox on all platforms and Google Chrome on Windows were not affected by FREAK.
TLS/SSL support history of web browsers
Browser Version Platforms SSL protocols TLS protocols Certificate support Vulnerabilities fixed[n 1] Protocol selection by user
[n 2]
SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV
[n 3][6] 		SHA-2
[7] 		ECDSA
[8] 		BEAST[n 4] CRIME[n 5] POODLE (SSLv3)[n 6] RC4[n 7] FREAK[9][10] Logjam
Google Chrome
(Chrome for Android)
[n 8]
[n 9] 		1–9 Windows (7+)
OS X (10.10+)
Linux
Android (4.1+)
iOS (9.0+)
Chrome OS 		Disabled by default Enabled by default Yes No No No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected
[15] 		Vulnerable
(HTTPS) 		Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Yes[n 10]
10–20 No[16] Enabled by default Yes No No No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Vulnerable
(HTTPS/SPDY) 		Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Yes[n 10]
21 No Enabled by default Yes No No No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated
[17] 		Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Yes[n 10]
22–29 No Enabled by default Yes Yes[18] No[18][19][20][21] No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
30–32 No Enabled by default Yes Yes Yes​[19][20][21] No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
33–37 No Enabled by default Yes Yes Yes No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Partly mitigated
[n 12] 		Lowest priority
[24][25][26] 		Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
38, 39 No Enabled by default Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Partly mitigated Lowest priority Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
40 No Disabled by default​[23][27] Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated
[n 13] 		Lowest priority Vulnerable
(except Windows) 		Vulnerable Yes[n 14]
41, 42 No Disabled by default Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated Lowest priority Mitigated Vulnerable Yes[n 14]
43 No Disabled by default Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated Only as fallback
[n 15][28] 		Mitigated Vulnerable Yes[n 14]
44–47 No No[29] Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Not affected Only as fallback
[n 15] 		Mitigated Mitigated​[30] Temporary
[n 11]
48, 49 No No Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
50–53 No No Yes Yes Yes No Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
54–66 No No Yes Yes Yes Disabled by default
(draft version) 		Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
67–69 No No Yes Yes Yes Yes
(draft version) 		Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
70–74 75 No No Yes Yes Yes Yes Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Google Android OS Browser
[33] 		Android 1.0–2.3.7 No Enabled by default Yes No No No Unknown Yes[7] No Unknown Unknown Vulnerable Vulnerable Vulnerable Vulnerable No
Android 3.0–4.0.4 No Enabled by default Yes No No No Unknown Yes Yes[34][8] Unknown Unknown Vulnerable Vulnerable Vulnerable Vulnerable No
Android 4.1–4.4.4 No Enabled by default Yes Disabled by default​[35] Disabled by default​[35] No Unknown Yes Yes Unknown Unknown Vulnerable Vulnerable Vulnerable Vulnerable No
Android 5.0–5.0.2 No Enabled by default Yes Yes[35][36] Yes[35][36] No Unknown Yes Yes Unknown Unknown Vulnerable Vulnerable Vulnerable Vulnerable No
Android 5.1–5.1.1 No Disabled by default
 Yes Yes Yes No Unknown Yes Yes Unknown Unknown Not affected Only as fallback
[n 15] 		Mitigated Mitigated No
Android 6.0–6.0.1 No Disabled by default
 Yes Yes Yes No Unknown Yes Yes Unknown Unknown Not affected Disabled by default Mitigated Mitigated No
Android 7.0–7.1.2
Android 8.0–8.1 No No
[37] 		Yes Yes Yes No Unknown Yes Yes Unknown Unknown Not affected Disabled by default Mitigated Mitigated No
Android 9.0
Android 10.0 No No Yes Yes Yes Unknown Unknown Yes Yes Unknown Unknown Not affected Disabled by default Mitigated Mitigated No
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Mozilla Firefox
(Firefox for mobile)
[n 17] 		1.0, 1.5 Windows (7+)
OS X (10.9+)
Linux
Android (4.1+)
iOS (9.0+)
Firefox OS
Maemo

ESR only for:
Windows (7+)
OS X (10.9+)
Linux 		Enabled by default
[38] 		Enabled by default
[38] 		Yes[38] No No No No Yes[7] No Not affected
[39] 		Not affected Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
2 Disabled by default
[38][40] 		Enabled by default Yes No No No No Yes Yes[8] Not affected Not affected Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
3–7 Disabled by default Enabled by default Yes No No No Yes Yes Yes Not affected Not affected Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
8–10
ESR 10 		No[40] Enabled by default Yes No No No Yes Yes Yes Not affected Not affected Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
11–14 No Enabled by default Yes No No No Yes Yes Yes Not affected Vulnerable
(SPDY)[17] 		Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
15–22
ESR 17.0–17.0.10 		No Enabled by default Yes No No No Yes Yes Yes Not affected Mitigated Vulnerable Vulnerable Not affected Vulnerable Yes[n 10]
ESR 17.0.11 No Enabled by default Yes No No No Yes Yes Yes Not affected Mitigated Vulnerable Lowest priority
[41][42] 		Not affected Vulnerable Yes[n 10]
23 No Enabled by default Yes Disabled by default
[43] 		No No Yes Yes Yes Not affected Mitigated Vulnerable Vulnerable Not affected Vulnerable Yes[n 18]
24, 25.0.0
ESR 24.0–24.1.0 		No Enabled by default Yes Disabled by default Disabled by default
[44] 		No Yes Yes Yes Not affected Mitigated Vulnerable Vulnerable Not affected Vulnerable Yes[n 18]
25.0.1, 26
ESR 24.1.1 		No Enabled by default Yes Disabled by default Disabled by default No Yes Yes Yes Not affected Mitigated Vulnerable Lowest priority
[41][42] 		Not affected Vulnerable Yes[n 18]
27–33
ESR 31.0–31.2 		No Enabled by default Yes Yes​[45][46] Yes​[47][46] No Yes Yes Yes Not affected Mitigated Vulnerable Lowest priority Not affected Vulnerable Yes[n 18]
34, 35
ESR 31.3–31.7 		No Disabled by default
[48][49] 		Yes Yes Yes No Yes Yes Yes Not affected Mitigated Mitigated
[n 19] 		Lowest priority Not affected Vulnerable Yes[n 18]
ESR 31.8 No Disabled by default Yes Yes Yes No Yes Yes Yes Not affected Mitigated Mitigated Lowest priority Not affected Mitigated​[52] Yes[n 18]
36–38
ESR 38.0 		No Disabled by default Yes Yes Yes No Yes Yes Yes Not affected Mitigated Mitigated Only as fallback
[n 15][53] 		Not affected Vulnerable Yes[n 18]
ESR 38.1–38.8 No Disabled by default Yes Yes Yes No Yes Yes Yes Not affected Mitigated Mitigated Only as fallback
[n 15] 		Not affected Mitigated​[52] Yes[n 18]
39–43 No No[54] Yes Yes Yes No Yes Yes Yes Not affected Mitigated Not affected Only as fallback
[n 15] 		Not affected Mitigated​[52] Yes[n 18]
44–48
ESR 45 		No No Yes Yes Yes No Yes Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][55][56][57][58] Not affected Mitigated Yes[n 18]
49–59
ESR 52 		No No Yes Yes Yes Disabled by default
(draft version)[59] 		Yes Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16] Not affected Mitigated Yes[n 18]
60–62
ESR 60.0–60.7 		ESR 60.8 No No Yes Yes Yes Yes
(draft version) 		Yes Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16] Not affected Mitigated Yes[n 18]
63–67 68
ESR 68.0 		No No Yes Yes Yes Yes Yes Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16] Not affected Mitigated Yes[n 18]
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Microsoft Internet Explorer
[n 20] 		1.x Windows 3.1, 95, NT,[n 21][n 22]
Mac OS 7, 8 		No SSL/TLS support
2 Yes No No No No No No No No No SSL 3.0 or TLS support Vulnerable Vulnerable Vulnerable N/A
3 Yes Yes[62] No No No No No No No Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable Unknown
4, 5, 6 Windows 3.1, 95, 98, NT, 2000[n 21][n 22]
Mac OS 7.1, 8, X,
Solaris, HP-UX 		Enabled by default Enabled by default Disabled by default
[62] 		No No No No No No Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable Yes[n 10]
6 Windows XP[n 22] Enabled by default Enabled by default Disabled by default No No No No Yes
[n 23][63] 		No Mitigated Not affected Vulnerable Vulnerable Vulnerable Vulnerable Yes[n 10]
7, 8 Disabled by default
[64] 		Enabled by default Yes[64] No No No Yes Yes
[n 23][63] 		No Mitigated Not affected Vulnerable Vulnerable Vulnerable Vulnerable Yes[n 10]
6 Server 2003[n 22] Enabled by default Enabled by default Disabled by default No No No No Yes
[n 23][63] 		No Mitigated Not affected Vulnerable Vulnerable Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
7, 8 Disabled by default
[64] 		Enabled by default Yes[64] No No No Yes Yes
[n 23][63] 		No Mitigated Not affected Vulnerable Vulnerable Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
7, 8, 9 Windows Vista Disabled by default Enabled by default Yes No No No Yes Yes Yes[8] Mitigated Not affected Vulnerable Vulnerable Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
7, 8[n 24] 9 Server 2008 Disabled by default Enabled by default Yes Disabled by default​[5]
(KB4019276) 		Disabled by default​[5]
(KB4019276) 		No Yes Yes Yes[8] Mitigated Not affected Vulnerable Vulnerable Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
8, 9, 10[n 24] Windows 7
Server 2008 R2 		Disabled by default Enabled by default Yes Disabled by default
[70] 		Disabled by default
[70] 		No Yes Yes Yes Mitigated Not affected Vulnerable Lowest priority
[71][n 25] 		Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
11 Disabled by default Disabled by default
[n 26] 		Yes Yes[73] Yes[73] No Yes Yes Yes Mitigated Not affected Mitigated
[n 26] 		Disabled by default​[77] Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
10[n 24] Windows 8 Disabled by default Enabled by default Yes Disabled by default
[70] 		Disabled by default
[70] 		No Yes Yes Yes Mitigated Not affected Vulnerable Lowest priority
[71][n 25] 		Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
10 Server 2012
11[78] Windows 8.1 Disabled by default Disabled by default
[n 26] 		Yes Yes[73] Yes[73] No Yes Yes Yes Mitigated Not affected Mitigated
[n 26] 		Disabled by default​[n 16] Mitigated
[67] 		Mitigated
[68] 		Yes[n 10]
Server 2012 /
2012 R2
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Microsoft Edge[n 27]
Client only

Internet Explorer
Client
and
Server (SAC)
[n 20] 		IE 11 Edge
12–13 		Windows 10
v1507–v1511 		Disabled by default Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 14 Windows 10 v1607 No[79] Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 15 Windows 10 v1703 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 16 Windows 10 v1709 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v1709 (SAC) No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 17 Windows 10 v1803 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v1803 (SAC) No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 18 Windows 10 v1809 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v1809 (SAC) No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 18 Windows 10 v1903 No Disabled by default Yes Yes Yes Disabled by default (experimental) Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v1903 (SAC) No Disabled by default Yes Yes Yes Disabled by default (experimental) Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge 18 Windows 10 v19H2 No Disabled by default Yes Yes Yes Unknown Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v19H2 (SAC) No Disabled by default Yes Yes Yes Unknown Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Edge Windows 10 v20H1 No Disabled by default Yes Yes Yes Unknown Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server v20H1 (SAC) No Disabled by default Yes Yes Yes Unknown Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
Microsoft Internet Explorer
Client
(LTSB/C)
and
Server
(LTSB/C)
[n 20] 		IE 11 Windows 10 LTSB 2015 (v1507)[n 28] Disabled by default Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Windows 10 LTSB 2016 (v1607) No[79] Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server 2016
v1607 (LTSB) 		No[79] Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Windows 10 LTSC 2019 (v1809) No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
IE 11 Server 2019
v1809 (LTSC) 		No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated Yes[n 10]
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Microsoft Internet Explorer Mobile
[n 20] 		7, 9 Windows Phone 7, 7.5, 7.8 Disabled by default
[64] 		Enabled by default Yes No
 No
 No No
 Yes Yes[34] Unknown Not affected Vulnerable Vulnerable Vulnerable Vulnerable Only with 3rd party tools[n 29]
10 Windows Phone 8 Disabled by default Enabled by default Yes Disabled by default
[82] 		Disabled by default
[82] 		No No
 Yes Yes[83] Mitigated Not affected Vulnerable Vulnerable Vulnerable Vulnerable Only with 3rd party tools[n 29]
11 Windows Phone 8.1 Disabled by default Enabled by default Yes Yes[84] Yes[84] No No
 Yes Yes Mitigated Not affected Vulnerable Only as fallback
[n 15][85][86] 		Vulnerable Vulnerable Only with 3rd party tools[n 29]
Microsoft Edge
[n 27] 		Edge 13 Windows 10 Mobile v1511 Disabled by default Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated No
Edge 14 Windows 10 Mobile v1607 No[79] Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated No
Edge 15 Windows 10 Mobile v1703 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated No
Windows 10 Mobile v1709 No Disabled by default Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated Disabled by default​[n 16] Mitigated Mitigated No
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Opera Browser
(Opera Mobile)
(Pre-Presto and Presto)
[n 30] 		1–2 Windows
MacOS
Linux
Android
Symbian S60
Maemo
Windows Mobile 		No SSL/TLS support[88]
3 Yes[89] No No No No No No No No No SSL 3.0 or TLS support Vulnerable Unknown Unknown N/A
4 Yes Yes[90] No No No No No No No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Unknown
5 Enabled by default Enabled by default Yes[91] No No No No No No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
6–7 Enabled by default Enabled by default Yes[91] No No No No Yes[7] No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
8 Enabled by default Enabled by default Yes Disabled by default
[92] 		No No No Yes No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
9 Disabled by default
[93] 		Enabled by default Yes Yes No No since v9.5
(only desktop) 		Yes No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
10–11.52 No[94] Enabled by default Yes Disabled by default Disabled by default
[94] 		No Yes
(only desktop) 		Yes No Vulnerable Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
11.60–11.64 No Enabled by default Yes Disabled by default Disabled by default No Yes
(only desktop) 		Yes No Mitigated
[95] 		Not affected Vulnerable Vulnerable Unknown Unknown Yes[n 10]
12–12.14 No Disabled by default
[n 31] 		Yes Disabled by default Disabled by default No Yes
(only desktop) 		Yes No Mitigated Not affected Mitigated
[n 31] 		Vulnerable Unknown Mitigated​[97] Yes[n 10]
12.15–12.17 No Disabled by default Yes Disabled by default Disabled by default No Yes
(only desktop) 		Yes No Mitigated Not affected Mitigated Partly mitigated
[98][99] 		Unknown Mitigated​[97] Yes[n 10]
12.18 No Disabled by default Yes Yes[100] Yes[100] No Yes
(only desktop) 		Yes Yes[100] Mitigated Not affected Mitigated Disabled by default​[n 16][100] Mitigated​[100] Mitigated​[97] Yes[n 10]
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Opera Browser
(Opera Mobile)
(Webkit and Blink)
[n 32] 		14–16 Windows (7+)
OS X (10.9+)
Linux
Android (4.1+) 		No Enabled by default Yes Yes[103] No[103] No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
17–19 No Enabled by default Yes Yes[104] Yes[104] No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Vulnerable Vulnerable Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
20–24 No Enabled by default Yes Yes Yes No Yes
(only desktop) 		needs SHA-2 compatible OS[7] needs ECC compatible OS[8] Not affected Mitigated Partly mitigated
[n 33] 		Lowest priority
[105] 		Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
25, 26 No Enabled by default
[n 34] 		Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated
[n 35] 		Lowest priority Vulnerable
(except Windows) 		Vulnerable Temporary
[n 11]
27 No Disabled by default
[27] 		Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated
[n 36] 		Lowest priority Vulnerable
(except Windows) 		Vulnerable Yes[n 37]
(only desktop)
28, 29 No Disabled by default Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated Lowest priority Mitigated Vulnerable Yes[n 37]
(only desktop)
30 No Disabled by default Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Mitigated Only as fallback
[n 15][28] 		Mitigated Mitigated​[97] Yes[n 37]
(only desktop)
31–34 No No[29] Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Not affected Only as fallback
[n 15][28] 		Mitigated Mitigated Temporary
[n 11]
35, 36 No No Yes Yes Yes No Yes
(only desktop) 		Yes needs ECC compatible OS[8] Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
37–40 No No Yes Yes Yes No Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
41–56 No No Yes Yes Yes Disabled by default
(draft version) 		Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
57, 58, 60 62 No No Yes Yes Yes Yes Yes
(only desktop) 		Yes Yes Not affected Mitigated Not affected Disabled by default​[n 16][31][32] Mitigated Mitigated Temporary
[n 11]
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Apple Safari
[n 38] 		1 Mac OS X 10.2, 10.3 No[110] Yes Yes No No No No No No Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
2–5 Mac OS X 10.4, 10.5, Win XP No Yes Yes No No No since v3.2 No No Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
3–5 Vista, Win 7 No Yes Yes No No No since v3.2 No Yes[34] Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
4–6 Mac OS X 10.6, 10.7 No Yes Yes No No No Yes Yes[7] Yes[8] Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
6 OS X 10.8 No Yes Yes No No No Yes Yes Yes[8] Mitigated
[n 39] 		Not affected Mitigated
[n 40] 		Vulnerable
[n 40] 		Mitigated
[116] 		Vulnerable No
7, 9 OS X 10.9 No Yes Yes Yes[117] Yes[117] No Yes Yes Yes Mitigated
[112] 		Not affected Mitigated
[n 40] 		Vulnerable
[n 40] 		Mitigated
[116] 		Vulnerable No
8–10 OS X 10.10 No Yes Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated
[n 40] 		Lowest priority
[118][n 40] 		Mitigated
[116] 		Mitigated
[119] 		No
9–11 OS X 10.11 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Lowest priority Mitigated Mitigated No
10, 11 12 macOS 10.12 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
11 12 macOS 10.13 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
12 macOS 10.14.0–10.14.3 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
12 macOS 10.14.4–10.14.5 No No Yes Yes Yes Yes[120] Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
13 macOS 10.15 No No Yes Yes Yes Yes[120] Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV certificate SHA-2 certificate ECDSA certificate BEAST CRIME POODLE (SSLv3) RC4 FREAK Logjam Protocol selection by user
Apple Safari
(mobile)
[n 41] 		3 iPhone OS 1, 2 No[124] Yes Yes No No No No No No Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
4, 5 iPhone OS 3, iOS 4 No Yes Yes No No No Yes[125] Yes since iOS 4[34] Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
5, 6 iOS 5, 6 No Yes Yes Yes[121] Yes[121] No Yes Yes Yes Vulnerable Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
7 iOS 7 No Yes Yes Yes Yes No Yes Yes Yes[126] Mitigated
[127] 		Not affected Vulnerable Vulnerable Vulnerable Vulnerable No
8 iOS 8 No Yes Yes Yes Yes No Yes Yes Yes Mitigated Not affected Mitigated
[n 40] 		Lowest priority
[128][n 40] 		Mitigated
[129] 		Mitigated
[130] 		No
9 iOS 9 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Lowest priority Mitigated Mitigated No
10–11 iOS 10, 11 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
12 iOS 12.0–12.1 No No Yes Yes Yes No Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
12 iOS 12.2–12.3 No No Yes Yes Yes Yes[131] Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
13 iOS 13 No No Yes Yes Yes Yes[131] Yes Yes Yes Mitigated Not affected Not affected Disabled by default​[n 16] Mitigated Mitigated No
iPadOS 13
Browser Version Platforms SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 EV
[n 3] 		SHA-2 ECDSA BEAST[n 4] CRIME[n 5] POODLE (SSLv3)[n 6] RC4[n 7] FREAK[9][10] Logjam Protocol selection by user
SSL protocols TLS protocols Certificate Support Vulnerabilities fixed
Color or Note Significance
Browser version Platform
Browser version Operating system Future release; under development
Browser version Operating system Current latest release
Browser version Operating system Former release; still supported
Browser version Operating system Former release; long-term support still active, but will end in less than 12 months
Browser version Operating system Former release; no longer supported
n/a Operating system Mixed / Unspecified
Operating system (Version+) Minimum required operating system version (for supported versions of the browser)
Operating system No longer supported for this operating system
Notes
  1. Does the browser have mitigations or is not vulnerable for the known attacks. Note actual security depends on other factors such as negotiated cipher, encryption strength etc (see § Cipher table).
  2. Whether a user or administrator can choose the protocols to be used or not. If yes, several attacks such as BEAST (vulnerable in SSL 3.0 and TLS 1.0) or POODLE (vulnerable in SSL 3.0) can be avoided.
  3. 3.0 3.1 Whether EV SSL and DV SSL (normal SSL) can be distinguished by indicators (green lock icon, green address bar, etc.) or not.
  4. 4.0 4.1 e.g. 1/n-1 record splitting.
  5. 5.0 5.1 e.g. Disabling header compression in HTTPS/SPDY.
  6. 6.0 6.1
    • Complete mitigations; disabling SSL 3.0 itself, "anti-POODLE record splitting". "Anti-POODLE record splitting" is effective only with client-side implementation and valid according to the SSL 3.0 specification, however, it may also cause compatibility issues due to problems in server-side implementations.
    • Partial mitigations; disabling fallback to SSL 3.0, TLS_FALLBACK_SCSV, disabling cipher suites with CBC mode of operation. If the server also supports TLS_FALLBACK_SCSV, the POODLE attack will fail against this combination of server and browser, but connections where the server does not support TLS_FALLBACK_SCSV and does support SSL 3.0 will still be vulnerable. If disabling cipher suites with CBC mode of operation in SSL 3.0, only cipher suites with RC4 are available, RC4 attacks become easier.
    • When disabling SSL 3.0 manually, POODLE attack will fail.
  7. 7.0 7.1
    • Complete mitigation; disabling cipher suites with RC4.
    • Partial mitigations to keeping compatibility with old systems; setting the priority of RC4 to lower.
  8. Google Chrome (and Chromium) supports TLS 1.0, and TLS 1.1 from version 22 (it was added, then dropped from version 21). TLS 1.2 support has been added, then dropped from Chrome 29.[11][12][13]
  9. Uses the TLS implementation provided by BoringSSL for Android, OS X, and Windows[14] or by NSS for Linux. Google is switching the TLS library used in Chrome to BoringSSL from NSS completely.
  10. 10.00 10.01 10.02 10.03 10.04 10.05 10.06 10.07 10.08 10.09 10.10 10.11 10.12 10.13 10.14 10.15 10.16 10.17 10.18 10.19 10.20 10.21 10.22 10.23 10.24 10.25 10.26 10.27 10.28 10.29 10.30 10.31 10.32 10.33 10.34 10.35 10.36 10.37 10.38 10.39 10.40 10.41 10.42 10.43 10.44 10.45 10.46 10.47 10.48 10.49 configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers)
  11. 11.00 11.01 11.02 11.03 11.04 11.05 11.06 11.07 11.08 11.09 11.10 11.11 11.12 11.13 11.14 11.15 11.16 11.17 11.18 configure the maximum and the minimum version of enabling protocols with command-line option
  12. TLS_FALLBACK_SCSV is implemented.[22] Fallback to SSL 3.0 is disabled since version 39.[23]
  13. In addition to TLS_FALLBACK_SCSV and disabling a fallback to SSL 3.0, SSL 3.0 itself is disabled by default.[23]
  14. 14.0 14.1 14.2 configure the minimum version of enabling protocols via chrome://flags[27] (the maximum version can be configured with command-line option)
  15. 15.0 15.1 15.2 15.3 15.4 15.5 15.6 15.7 15.8 Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.
  16. 16.00 16.01 16.02 16.03 16.04 16.05 16.06 16.07 16.08 16.09 16.10 16.11 16.12 16.13 16.14 16.15 16.16 16.17 16.18 16.19 16.20 16.21 16.22 16.23 16.24 16.25 16.26 16.27 16.28 16.29 16.30 16.31 16.32 16.33 16.34 16.35 16.36 16.37 16.38 16.39 16.40 16.41 16.42 16.43 16.44 16.45 16.46 16.47 All RC4 cipher suites are disabled by default.
  17. Uses the TLS implementation provided by NSS. As of Firefox 22, Firefox supports only TLS 1.0 despite the bundled NSS supporting TLS 1.1. Since Firefox 23, TLS 1.1 can be enabled, but was not enabled by default due to issues. Firefox 24 has TLS 1.2 support disabled by default. TLS 1.1 and TLS 1.2 have been enabled by default in Firefox 27 release.
  18. 18.00 18.01 18.02 18.03 18.04 18.05 18.06 18.07 18.08 18.09 18.10 18.11 18.12 configure the maximum and the minimum version of enabling protocols via about:config
  19. SSL 3.0 itself is disabled by default.[48] In addition, fallback to SSL 3.0 is disabled since version 34,[50] and TLS_FALLBACK_SCSV is implemented since 35.0 and ESR 31.3.[48][51]
  20. 20.0 20.1 20.2 20.3 IE uses the TLS implementation of the Microsoft Windows operating system provided by the SChannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[60][61]
  21. 21.0 21.1 Windows NT 3.1 supports IE 1–2, Windows NT 3.5 supports IE 1–3, Windows NT 3.51 and Windows NT 4.0 supports IE 1–6
  22. 22.0 22.1 22.2 22.3 Windows XP as well as Server 2003 and older support only weak ciphers like 3DES and RC4 out of the box.[65] The weak ciphers of these SChannel version are not only used for IE, but also for other Microsoft products running on this OS, like Office or Windows Update. Only Windows Server 2003 can get a manually update to support AES ciphers by KB948963[66]
  23. 23.0 23.1 23.2 23.3 MS13-095 or MS14-049 for 2003 and XP-64 or SP3 for XP (32-bit)
  24. 24.0 24.1 24.2 Internet Explorer Support Announcement[69]
  25. 25.0 25.1 RC4 can be disabled except as a fallback (Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.)[72]
  26. 26.0 26.1 26.2 26.3 Fallback to SSL 3.0 is sites blocked by default in Internet Explorer 11 for Protected Mode.[74][75] SSL 3.0 is disabled by default in Internet Explorer 11 since April 2015.[76]
  27. 27.0 27.1 Edge (formerly known as Project Spartan) is based on a fork of the Internet Explorer 11 rendering engine.
  28. Except Windows 10 LTSB 2015 (LongTermSupportBranch)[80]
  29. 29.0 29.1 29.2 Could be disabled via registry editing but need 3rd Party tools to do this.[81]
  30. Opera 10 added support for TLS 1.2 as of Presto 2.2. Previous support was for TLS 1.0 and 1.1. TLS 1.1 and 1.2 are disabled by default (except for version 9[87] that enabled TLS 1.1 by default).
  31. 31.0 31.1 SSL 3.0 is disabled by default remotely since October 15, 2014[96]
  32. TLS support of Opera 14 and above is same as that of Chrome, because Opera has migrated to Chromium backend (Opera 14 for Android is based on Chromium 26 with WebKit,[101] and Opera 15 and above are based on Chromium 28 and above with Blink[102]).
  33. TLS_FALLBACK_SCSV is implemented.[105]
  34. SSL 3.0 is enabled by default, with some mitigations against known vulnerabilities such as BEAST and POODLE implemented.[96]
  35. In addition to TLS_FALLBACK_SCSV, "anti-POODLE record splitting" is implemented.[96]
  36. In addition to TLS_FALLBACK_SCSV and "anti-POODLE record splitting", SSL 3.0 itself is disabled by default.[27]
  37. 37.0 37.1 37.2 configure the minimum version of enabling protocols via opera://flags[27] (the maximum version can be configured with command-line option)
  38. Safari uses the operating system implementation on Mac OS X, Windows (XP, Vista, 7)[106] with unknown version,[107] Safari 5 is the last version available for Windows. OS X 10.8 on have SecureTransport support for TLS 1.1 and 1.2[108] Qualys SSL report simulates Safari 5.1.9 connecting with TLS 1.0 not 1.1 or 1.2[109]
  39. In September 2013, Apple implemented BEAST mitigation in OS X 10.8 (Mountain Lion), but it was not turned on by default resulting in Safari still being theoretically vulnerable to the BEAST attack on that platform.[111][112] BEAST mitigation has been enabled by default from OS X 10.8.5 updated in February 2014.[113]
  40. 40.0 40.1 40.2 40.3 40.4 40.5 40.6 40.7 Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[114][115] this leaves only RC4 which is also completely broken by the RC4 attacks in SSL 3.0.
  41. Mobile Safari and third-party software utilizing the system UIWebView library use the iOS operating system implementation, which supports TLS 1.2 as of iOS 5.0.[121][122][123]

Libraries

Main page: Comparison of TLS implementations

Most SSL and TLS programming libraries are free and open source software.

  • BoringSSL, a fork of OpenSSL for Chrome/Chromium and Android as well as other Google applications.
  • Botan, a BSD-licensed cryptographic library written in C++.
  • cryptlib: a portable open source cryptography library (includes TLS/SSL implementation)
  • Delphi programmers may use a library called Indy which utilizes OpenSSL or alternatively ICS which supports TLS 1.3 now.
  • GnuTLS: a free implementation (LGPL licensed)
  • Java Secure Socket Extension: a Java implementation included in the Java Runtime Environment supported TLS 1.1 and 1.2 starting with Java 7. (TLS 1.1/1.2 were initially disabled by default for client on Java 7, but were enabled in January 2017.[132]) Java 11 supports TLS 1.3.[133]
  • LibreSSL: a fork of OpenSSL by OpenBSD project.
  • MatrixSSL: a dual licensed implementation
  • mbed TLS (previously PolarSSL): A tiny SSL library implementation for embedded devices that is designed for ease of use
  • Network Security Services: FIPS 140 validated open source library
  • OpenSSL: a free implementation (BSD license with some extensions)
  • SChannel: an implementation of SSL and TLS Microsoft Windows as part of its package.
  • Secure Transport: an implementation of SSL and TLS used in OS X and iOS as part of their packages.
  • wolfSSL (previously CyaSSL): Embedded SSL/TLS Library with a strong focus on speed and size.
Library support for TLS/SSL
Implementation SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3
Botan No No[134] Yes Yes Yes
cryptlib No Disabled by default at compile time Yes Yes Yes
GnuTLS No[a] Disabled by default[135] Yes Yes Yes yes
(draft version)[136]
Java Secure Socket Extension No[a] Disabled by default[137] Yes Yes Yes Yes
LibreSSL No[138] No[139] Yes Yes Yes
MatrixSSL No Disabled by default at compile time[140] Yes Yes Yes yes
(draft version)
mbed TLS (previously PolarSSL) No Disabled by default[141] Yes Yes Yes
Network Security Services No[b] Disabled by default[142] Yes Yes[143] Yes[144] Yes[145]
OpenSSL No[146] Enabled by default Yes Yes[147] Yes[147] Yes[148]
RSA BSAFE[149] No Yes Yes Yes Yes
SChannel XP / 2003[150] Disabled by default by MSIE 7 Enabled by default Enabled by default by MSIE 7 No No No
SChannel Vista[151] Disabled by default Enabled by default Yes No No No
SChannel 2008[151] Disabled by default Enabled by default Yes Disabled by default (KB4019276)[5] Disabled by default (KB4019276)[5] No
SChannel 7 / 2008 R2[152] Disabled by default Disabled by default in MSIE 11 Yes Enabled by default by MSIE 11 Enabled by default by MSIE 11 No
SChannel 8 / 2012[152] Disabled by default Enabled by default Yes Disabled by default Disabled by default No
SChannel 8.1 / 2012 R2, 10 v1507 & v1511[152] Disabled by default Disabled by default in MSIE 11 Yes Yes Yes No
SChannel 10 v1607 / 2016[79] No Disabled by default Yes Yes Yes No
Secure Transport OS X 10.2–10.8 / iOS 1–4 Yes Yes Yes No No
Secure Transport OS X 10.9–10.10 / iOS 5–8 No[c] Yes Yes Yes[c] Yes[c]
Secure Transport OS X 10.11 / iOS 9 No No[c] Yes Yes Yes
Seed7 TLS/SSL Library No Yes Yes Yes Yes
wolfSSL (previously CyaSSL) No Disabled by default[153] Yes Yes Yes yes
(draft version)[154]
Implementation SSL 2.0 (insecure) SSL 3.0 (insecure) TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3
  1. ^ Server-side implementation of the SSL/TLS protocol still supports processing of received v2-compatible client hello messages.[155]
  2. ^ Secure Transport: SSL 2.0 was discontinued in OS X 10.8. SSL 3.0 was discontinued in OS X 10.11 and iOS 9. TLS 1.1 and 1.2 are available on iOS 5.0 and later, and OS X 10.9 and later.[156]
    3. [157]

A paper presented at the 2012 ACM conference on computer and communications security[158] showed that few applications used some of these SSL libraries correctly, leading to vulnerabilities. According to the authors

"the root cause of most of these vulnerabilities is the terrible design of the APIs to the underlying SSL libraries. Instead of expressing high-level security properties of network tunnels such as confidentiality and authentication, these APIs expose low-level details of the SSL protocol to application developers. As a consequence, developers often use SSL APIs incorrectly, misinterpreting and misunderstanding their manifold parameters, options, side effects, and return values."

Other uses

The Simple Mail Transfer Protocol (SMTP) can also be protected by TLS. These applications use public key certificates to verify the identity of endpoints.

TLS can also be used to tunnel an entire network stack to create a VPN, as is the case with OpenVPN and OpenConnect. Many vendors now marry TLS's encryption and authentication capabilities with authorization. There has also been substantial development since the late 1990s in creating client technology outside of the browser to enable support for client/server applications. When compared against traditional IPsec VPN technologies, TLS has some inherent advantages in firewall and NAT traversal that make it easier to administer for large remote-access populations.

TLS is also a standard method to protect Session Initiation Protocol (SIP) application signaling. TLS can be used to provide authentication and encryption of the SIP signaling associated with VoIP and other SIP-based applications.[citation needed]

References

  1. "Http vs https". Archived from the original on 2015-02-12. https://web.archive.org/web/20150212105201/https://www.instantssl.com/ssl-certificate-products/https.html. Retrieved 2015-02-12. 
  2. 2.0 2.1 As of May 3, 2019. "SSL Pulse: Survey of the SSL Implementation of the Most Popular Websites". https://www.ssllabs.com/ssl-pulse/. Retrieved 2019-05-09. 
  3. ivanr. "RC4 in TLS is Broken: Now What?". Qualsys Security Labs. Archived from the original on 2013-08-27. https://web.archive.org/web/20130827044512/https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what. Retrieved 2013-07-30. 
  4. Cite error: Invalid <ref> tag; no text was provided for refs named poodle_pdf
  5. 5.0 5.1 5.2 5.3 5.4 "Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009". https://support.microsoft.com/kb/4019276. Retrieved 2017-07-19. 
  6. "What browsers support Extended Validation (EV) and display an EV indicator?". Symantec. Archived from the original on 2015-12-31. https://web.archive.org/web/20151231171309/https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO10090&actp=search&viewlocale=en_US&searchid=1406590748892. Retrieved 2014-07-28. 
  7. 7.00 7.01 7.02 7.03 7.04 7.05 7.06 7.07 7.08 7.09 7.10 7.11 7.12 7.13 "SHA-256 Compatibility". Archived from the original on 2015-07-01. https://web.archive.org/web/20150701004324/https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility. Retrieved 2015-06-12. 
  8. 8.00 8.01 8.02 8.03 8.04 8.05 8.06 8.07 8.08 8.09 8.10 8.11 8.12 8.13 8.14 8.15 8.16 8.17 8.18 8.19 8.20 8.21 8.22 8.23 8.24 8.25 8.26 8.27 "ECC Compatibility". Archived from the original on 2016-02-17. https://web.archive.org/web/20160217122951/https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility. Retrieved 2015-06-13. 
  9. 9.0 9.1 "Tracking the FREAK Attack". Archived from the original on 2015-03-06. https://web.archive.org/web/20150306174623/https://freakattack.com/. Retrieved 2015-03-08. 
  10. 10.0 10.1 "FREAK: Factoring RSA Export Keys". Archived from the original on 2015-03-11. https://web.archive.org/web/20150311112517/https://www.smacktls.com/#freak. Retrieved 2015-03-08. 
  11. Google (2012-05-29). "Dev Channel Update". Archived from the original on 2013-03-02. https://web.archive.org/web/20130302032339/http://googlechromereleases.blogspot.nl/2012/05/dev-channel-update_29.html. Retrieved 2011-06-01. 
  12. Google (2012-08-21). "Stable Channel Update". Archived from the original on 2012-08-25. https://web.archive.org/web/20120825192441/http://googlechromereleases.blogspot.co.uk/2012/08/stable-channel-update_21.html. Retrieved 2012-08-22. 
  13. Chromium Project (2013-05-30). "Chromium TLS 1.2 Implementation". https://src.chromium.org/viewvc/chrome?revision=203090&view=revision. 
  14. "The Chromium Project: BoringSSL". Archived from the original on 2015-09-23. https://web.archive.org/web/20150923033459/http://www.chromium.org/Home/chromium-security/boringssl. Retrieved 2015-09-05. 
  15. "Chrome Stable Release". Chrome Releases. 2011-10-25. Archived from the original on 2015-02-20. https://web.archive.org/web/20150220020306/http://googlechromereleases.blogspot.jp/2011/10/chrome-stable-release.html. Retrieved 2015-02-01. 
  16. "SVN revision log on Chrome 10.0.648.127 release". https://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=72316:67679&mode=html. Retrieved 2014-06-19. 
  17. 17.0 17.1 "ImperialViolet – CRIME". 2012-09-22. Archived from the original on 2015-01-10. https://web.archive.org/web/20150110195746/https://www.imperialviolet.org/2012/09/21/crime.html. Retrieved 2014-10-18. 
  18. 18.0 18.1 "SSL/TLS Overview". 2008-08-06. Archived from the original on 2013-07-03. https://web.archive.org/web/20130703043525/https://sites.google.com/site/tlsssloverview/ssl-v-tls/tls-versions-and-browser-compatability. Retrieved 2013-03-29. 
  19. 19.0 19.1 "Chromium Issue 90392". 2008-08-06. Archived from the original on 2013-08-03. https://web.archive.org/web/20130803110745/http://code.google.com/p/chromium/issues/detail?id=90392. Retrieved 2013-06-28. 
  20. 20.0 20.1 "Issue 23503030 Merge 219882". 2013-09-03. Archived from the original on 2014-02-26. https://web.archive.org/web/20140226230020/https://codereview.chromium.org/23503030/. Retrieved 2013-09-19. 
  21. 21.0 21.1 "Issue 278370: Unable to submit client certificates over TLS 1.2 from Windows". 2013-08-23. Archived from the original on 2013-10-05. https://web.archive.org/web/20131005021656/http://code.google.com/p/chromium/issues/detail?id=278370. Retrieved 2013-10-03. 
  22. Möller, Bodo (2014-10-14). "This POODLE bites: exploiting the SSL 3.0 fallback". Google Online Security blog. Google (via Blogspot). Archived from the original on 2014-10-28. https://web.archive.org/web/20141028003952/http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html. Retrieved 2014-10-28. 
  23. 23.0 23.1 23.2 "An update on SSLv3 in Chrome.". Security-dev. 2014-10-31. https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/Vnhy9aKM_l4. Retrieved 2014-11-04. 
  24. "Stable Channel Update". Mozilla Developer Network. 2014-02-20. Archived from the original on 2014-10-24. https://web.archive.org/web/20141024210105/http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html. Retrieved 2014-11-14. 
  25. "Changelog for Chrome 33.0.1750.117". Google. https://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=232870:241107&mode=html. Retrieved 2014-11-14. 
  26. "Issue 318442: Update to NSS 3.15.3 and NSPR 4.10.2". Archived from the original on 2015-03-15. https://web.archive.org/web/20150315043755/https://code.google.com/p/chromium/issues/detail?id=318442. Retrieved 2014-11-14. 
  27. 27.0 27.1 27.2 27.3 27.4 "Issue 693963003: Add minimum TLS version control to about:flags and Finch gate it. – Code Review". Archived from the original on 2015-04-16. https://web.archive.org/web/20150416072943/https://codereview.chromium.org/693963003. Retrieved 2015-01-22. 
  28. 28.0 28.1 28.2 "Issue 375342: Drop RC4 Support". Archived from the original on 2015-09-12. https://web.archive.org/web/20150912071452/https://code.google.com/p/chromium/issues/detail?id=375342. Retrieved 2015-05-22. 
  29. 29.0 29.1 "Issue 436391: Add info on end of life of SSLVersionFallbackMin & SSLVersionMin policy in documentation". Archived from the original on 2015-04-18. https://web.archive.org/web/20150418095600/http://code.google.com/p/chromium/issues/detail?id=436391. Retrieved 2015-04-19. 
  30. "Issue 490240: Increase minimum DH size to 1024 bits (tracking bug)". Archived from the original on 2015-09-12. https://web.archive.org/web/20150912081831/https://code.google.com/p/chromium/issues/detail?id=490240. Retrieved 2015-05-29. 
  31. 31.0 31.1 31.2 31.3 31.4 31.5 31.6 31.7 31.8 "Intent to deprecate: RC4". https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ. Retrieved 2015-12-21. 
  32. 32.0 32.1 32.2 32.3 32.4 32.5 32.6 32.7 32.8 "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. https://web.archive.org/web/20151218214756/https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html. Retrieved 2015-12-21. 
  33. "SSLSocket | Android Developers". Archived from the original on 2015-03-18. https://web.archive.org/web/20150318121117/http://developer.android.com/reference/javax/net/ssl/SSLSocket.html. Retrieved 2015-03-11. 
  34. 34.0 34.1 34.2 34.3 "What browsers work with Universal SSL". Archived from the original on 2016-03-04. https://web.archive.org/web/20160304023941/https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL. Retrieved 2015-06-15. 
  35. 35.0 35.1 35.2 35.3 "SSLSocket | Android Developers". Archived from the original on 2016-03-04. https://web.archive.org/web/20160304202641/https://developer.android.com/reference/javax/net/ssl/SSLSocket.html. Retrieved 2015-12-17. 
  36. 36.0 36.1 "Android 5.0 Behavior Changes | Android Developers". Archived from the original on 2015-03-09. https://web.archive.org/web/20150309000956/http://developer.android.com/about/versions/android-5.0-changes.html#ssl. Retrieved 2015-03-11. 
  37. "Android 8.0 Behavior Changes". Archived from the original on 2017-12-01. https://web.archive.org/web/20171201042705/https://developer.android.com/about/versions/oreo/android-8.0-changes.html. 
  38. 38.0 38.1 38.2 38.3 "Security in Firefox 2". 2008-08-06. Archived from the original on 2014-07-14. https://web.archive.org/web/20140714142705/https://developer.mozilla.org/en-US/Firefox/Releases/2/Security_changes. Retrieved 2009-03-31. 
  39. "Attack against TLS-protected communications". Mozilla Security Blog. Mozilla. 2011-09-27. Archived from the original on 2015-03-04. https://web.archive.org/web/20150304221307/https://blog.mozilla.org/security/2011/09/27/attack-against-tls-protected-communications/. Retrieved 2015-02-01. 
  40. 40.0 40.1 "Introduction to SSL". MDN. Archived from the original on 2014-07-14. https://web.archive.org/web/20140714205945/https://developer.mozilla.org/en-US/docs/Introduction_to_SSL. Retrieved 2014-06-19. 
  41. 41.0 41.1 "NSS 3.15.3 Release Notes". Mozilla Developer Network. Mozilla. Archived from the original on 2014-06-05. https://web.archive.org/web/20140605001016/https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.15.3_release_notes. Retrieved 2014-07-13. 
  42. 42.0 42.1 "MFSA 2013-103: Miscellaneous Network Security Services (NSS) vulnerabilities". Mozilla. Mozilla. Archived from the original on 2014-07-14. https://web.archive.org/web/20140714121632/http://www.mozilla.org/security/announce/2013/mfsa2013-103.html. Retrieved 2014-07-13. 
  43. "Bug 565047 – (RFC4346) Implement TLS 1.1 (RFC 4346)". https://bugzilla.mozilla.org/show_bug.cgi?id=565047. Retrieved 2013-10-29. 
  44. "Bug 480514 – Implement support for TLS 1.2 (RFC 5246)". https://bugzilla.mozilla.org/show_bug.cgi?id=480514. Retrieved 2013-10-29. 
  45. "Bug 733647 – Implement TLS 1.1 (RFC 4346) in Gecko (Firefox, Thunderbird), on by default". https://bugzilla.mozilla.org/show_bug.cgi?id=733647. Retrieved 2013-12-04. 
  46. 46.0 46.1 "Firefox Notes – Desktop". 2014-02-04. Archived from the original on 2014-02-07. https://web.archive.org/web/20140207095334/https://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/27.0/releasenotes/. Retrieved 2014-02-04. 
  47. "Bug 861266 – Implement TLS 1.2 (RFC 5246) in Gecko (Firefox, Thunderbird), on by default". https://bugzilla.mozilla.org/show_bug.cgi?id=861266. Retrieved 2013-11-18. 
  48. 48.0 48.1 48.2 "The POODLE Attack and the End of SSL 3.0". Mozilla blog. Mozilla. 2014-10-14. Archived from the original on 2014-10-18. https://web.archive.org/web/20141018231351/https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/. Retrieved 2014-10-28. 
  49. "Firefox — Notes (34.0) — Mozilla". mozilla.org. 2014-12-01. Archived from the original on 2015-04-09. https://web.archive.org/web/20150409022558/https://www.mozilla.org/en-US/firefox/34.0/releasenotes/. Retrieved 2015-04-03. 
  50. "Bug 1083058 – A pref to control TLS version fallback". bugzilla.mozilla.org. https://bugzilla.mozilla.org/show_bug.cgi?id=1083058. Retrieved 2014-11-06. 
  51. "Bug 1036737 – Add support for draft-ietf-tls-downgrade-scsv to Gecko/Firefox". bugzilla.mozilla.org. https://bugzilla.mozilla.org/show_bug.cgi?id=1036737. Retrieved 2014-10-29. 
  52. 52.0 52.1 52.2 "Bug 1166031 – Update to NSS 3.19.1". bugzilla.mozilla.org. https://bugzilla.mozilla.org/show_bug.cgi?id=1166031. Retrieved 2015-05-29. 
  53. "Bug 1088915 – Stop offering RC4 in the first handshakes". bugzilla.mozilla.org. https://bugzilla.mozilla.org/show_bug.cgi?id=1088915. Retrieved 2014-11-04. 
  54. "Firefox — Notes (39.0) — Mozilla". mozilla.org. 2015-06-30. Archived from the original on 2015-07-03. https://web.archive.org/web/20150703163249/https://www.mozilla.org/en-US/firefox/39.0/releasenotes/. Retrieved 2015-07-03. 
  55. "Google, Microsoft, and Mozilla will drop RC4 encryption in Chrome, Edge, IE, and Firefox next year". VentureBeat. 2015-09-01. Archived from the original on 2015-09-05. https://web.archive.org/web/20150905214154/http://venturebeat.com/2015/09/01/google-microsoft-and-mozilla-will-drop-rc4-support-in-chrome-edge-ie-and-firefox-next-year/. Retrieved 2015-09-05. 
  56. "Intent to ship: RC4 disabled by default in Firefox 44". Archived from the original on 2011-01-22. http://arquivo.pt/wayback/20110122130054/https://groups.google.com/forum/#!searchin/mozilla.dev.platform/rc4/mozilla.dev.platform/JIEFcrGhqSM/CIjtpwxoLQAJ. Retrieved 2015-10-18. 
  57. "RC4 is now allowed only on whitelisted sites (Reverted)". https://www.fxsitecompat.com/en-US/docs/2015/rc4-is-now-allowed-only-on-whitelisted-sites/. Retrieved 2015-11-02. 
  58. "Firefox — Notes (44.0) — Mozilla". mozilla.org. 2016-01-26. Archived from the original on 2016-03-04. https://web.archive.org/web/20160304025010/https://www.mozilla.org/en-US/firefox/44.0/releasenotes/. Retrieved 2016-03-09. 
  59. "Bug 1342082 – Disable TLS 1.3 for FF52 Release". https://bugzilla.mozilla.org/show_bug.cgi?id=1342082. Retrieved 2017-03-29. 
  60. Microsoft (2012-09-05). "Secure Channel". Archived from the original on 2012-08-29. https://web.archive.org/web/20120829025314/http://msdn.microsoft.com/en-us/library/aa380123.aspx. Retrieved 2012-10-18. 
  61. Microsoft (2009-02-27). "MS-TLSP Appendix A". Archived from the original on 2013-09-27. https://web.archive.org/web/20130927055954/http://msdn.microsoft.com/en-us/library/dd208005.aspx. Retrieved 2009-03-19. 
  62. 62.0 62.1 "What browsers only support SSLv2?". https://stackoverflow.com/q/881563. Retrieved 2014-06-19. 
  63. 63.0 63.1 63.2 63.3 "SHA2 and Windows – Windows PKI blog – Site Home – TechNet Blogs". 2010-09-30. Archived from the original on 2014-07-16. https://web.archive.org/web/20140716230537/http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx. Retrieved 2014-07-29. 
  64. 64.0 64.1 64.2 64.3 64.4 "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. https://web.archive.org/web/20131010205312/http://msdn.microsoft.com/en-us/library/bb250503.aspx. Retrieved 2013-10-29. 
  65. "TLS Cipher Suites". Microsoft. Archived from the original on 2017-03-13. https://web.archive.org/web/20170313125201/https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512.aspx. 
  66. "Archived copy". Archived from the original on 2015-03-11. https://web.archive.org/web/20150311105145/http://support.microsoft.com/kb/948963. Retrieved 2017-07-19. 
  67. 67.0 67.1 67.2 67.3 67.4 67.5 67.6 67.7 "Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)". 2015-03-10. Archived from the original on 2017-03-13. https://web.archive.org/web/20170313130837/https://technet.microsoft.com/en-us/security/MS15-031. Retrieved 2015-03-11. 
  68. 68.0 68.1 68.2 68.3 68.4 68.5 68.6 68.7 "Vulnerability in Schannel Could Allow Information Disclosure (3061518)". 2015-05-12. Archived from the original on 2016-10-08. https://web.archive.org/web/20161008035505/https://technet.microsoft.com/en-us/security/MS15-055. Retrieved 2015-05-22. 
  69. "Microsoft Support Lifecycle". Microsoft. Archived from the original on 2015-03-10. https://web.archive.org/web/20150310050219/http://support.microsoft.com/gp/msl-ie-dotnet-an. 
  70. 70.0 70.1 70.2 70.3 "Windows 7 adds support for TLSv1.1 and TLSv1.2 – IEInternals – Site Home – MSDN Blogs". Archived from the original on 2013-12-26. https://web.archive.org/web/20131226222853/http://blogs.msdn.com/b/ieinternals/archive/2009/06/19/windows-7-support-for-tls-and-ciphers.aspx. Retrieved 2013-10-29. 
  71. 71.0 71.1 Thomlinson, Matt (2014-11-11). "Hundreds of Millions of Microsoft Customers Now Benefit from Best-in-Class Encryption". Microsoft Security. Archived from the original on 2014-11-14. https://web.archive.org/web/20141114143813/http://blogs.microsoft.com/cybertrust/2014/11/11/hundreds-of-millions-of-microsoft-customers-now-benefit-from-best-in-class-encryption/. Retrieved 2014-11-14. 
  72. Microsoft security advisory: Update for disabling RC4
  73. 73.0 73.1 73.2 73.3 Microsoft (2013-09-24). "IE11 Changes". Archived from the original on 2013-10-30. https://web.archive.org/web/20131030114356/http://blogs.msdn.com/b/ieinternals/archive/2013/09/24/internet-explorer-11-changelist-change-log.aspx. Retrieved 2013-11-01. 
  74. "February 2015 security updates for Internet Explorer". 2015-02-11. Archived from the original on 2015-02-11. https://web.archive.org/web/20150211031724/http://blogs.msdn.com/b/ie/archive/2015/02/10/february-2015-security-updates-for-internet-explorer.aspx. Retrieved 2015-02-11. 
  75. "Update turns on the setting to disable SSL 3.0 fallback for protected mode sites by default in Internet Explorer 11". Archived from the original on 2015-02-14. https://web.archive.org/web/20150214082207/http://support.microsoft.com/kb/3038778. Retrieved 2015-02-11. 
  76. "Vulnerability in SSL 3.0 Could Allow Information Disclosure". 2015-04-14. Archived from the original on 2016-10-08. https://web.archive.org/web/20161008035547/https://technet.microsoft.com/en-us/security/3009008. Retrieved 2015-04-14. 
  77. Microsoft Edge Team (2016-08-09). "RC4 is now disabled in Microsoft Edge and Internet Explorer 11". Microsoft. Archived from the original on 2016-08-21. https://web.archive.org/web/20160821091621/https://blogs.windows.com/msedgedev/2016/08/09/rc4-now-deprecated/. 
  78. "Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard". 2019-04-16. https://support.microsoft.com/en-us/help/4492872/update-for-internet-explorer-april-16-2019. 
  79. 79.0 79.1 79.2 79.3 79.4 "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". Microsoft. 2017-03-21. Archived from the original on 2017-03-30. https://web.archive.org/web/20170330011044/https://technet.microsoft.com/en-us/windows-server-docs/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server-2016. Retrieved 2017-03-29. 
  80. Foley, Mary Jo. "Some Windows 10 Enterprise users won't get Microsoft's Edge browser". ZDNet. Archived from the original on 2017-03-20. https://web.archive.org/web/20170320184521/http://www.zdnet.com/article/some-windows-10-enterprise-users-wont-get-microsofts-edge-browser/. 
  81. "POODLE SSL vulnerability – secure your Windo… – Windows Phone 8 Development and Hacking". XDA Developers. Archived from the original on 2016-09-23. https://web.archive.org/web/20160923053812/http://forum.xda-developers.com/windows-phone-8/development/poodle-ssl-vulnerability-secure-windows-t2906203. 
  82. 82.0 82.1 "What TLS version is used in Windows Phone 8 for secure HTTP connections?". Microsoft. Archived from the original on 2016-03-04. https://web.archive.org/web/20160304063257/https://social.msdn.microsoft.com/Forums/windowsapps/en-US/2ddee177-5086-4453-987b-d02b6a7ec62d/what-tls-version-is-used-in-windows-phone-8-for-secure-http-connections?forum=wpdevelop. Retrieved 2014-11-07. 
  83. "Qualys SSL Labs – Projects / User Agent Capabilities: Unknown". Archived from the original on 2017-03-01. https://web.archive.org/web/20170301141459/https://www.ssllabs.com/ssltest/viewClient.html?name=IE%20Mobile&version=10&platform=Win%20Phone%208.0. 
  84. 84.0 84.1 "Platform Security". Microsoft. 2014-06-25. Archived from the original on 2017-03-13. https://web.archive.org/web/20170313125118/https://technet.microsoft.com/en-us/library/dn756283.aspx. Retrieved 2014-11-07. 
  85. "Release Notes: Important Issues in Windows 8.1 Preview". Microsoft. 2013-06-24. Archived from the original on 2014-11-04. https://web.archive.org/web/20141104071622/http://technet.microsoft.com/en-us/library/dn303404.aspx. Retrieved 2014-11-04. 
  86. "W8.1(IE11) vs RC4". Qualys Community. Archived from the original on 2014-11-04. https://web.archive.org/web/20141104093736/https://community.qualys.com/thread/12092. Retrieved 2014-11-04. 
  87. "Opera 9.0 for Windows Changelog". Archived from the original on 2012-09-10. https://archive.today/20120910/http://www.opera.com/docs/changelogs/windows/900/. 
  88. "Opera 2 series". Archived from the original on 2014-10-23. https://web.archive.org/web/20141023073434/http://www.opera.com/docs/history/presto/#o2. Retrieved 2014-09-20. 
  89. "Opera 3 series". Archived from the original on 2014-10-23. https://web.archive.org/web/20141023073434/http://www.opera.com/docs/history/presto/#o3. Retrieved 2014-09-20. 
  90. "Opera 4 series". Archived from the original on 2014-10-23. https://web.archive.org/web/20141023073434/http://www.opera.com/docs/history/presto/#o4. Retrieved 2014-09-20. 
  91. 91.0 91.1 "Changelog for Opera 5.x for Windows". Archived from the original on 2014-10-19. https://web.archive.org/web/20141019005943/http://www.opera.com/docs/changelogs/windows/500-512/. Retrieved 2014-06-19. 
  92. "Changelog for Opera [8 Beta 2 for Windows"]. Archived from the original on 2005-11-23. https://web.archive.org/web/20051123055608/http://opera.com/docs/changelogs/windows/800b2/. Retrieved 2014-06-19. 
  93. "Web Specifications Supported in Opera 9". Archived from the original on 2014-10-26. https://web.archive.org/web/20141026185804/http://www.opera.com/docs/specs/opera9/. Retrieved 2014-06-19. 
  94. 94.0 94.1 "Opera: Opera 10 beta for Windows changelog". Archived from the original on 2014-10-23. https://web.archive.org/web/20141023083043/http://www.opera.com/docs/changelogs/windows/1000b1/. Retrieved 2014-06-19. 
  95. "About Opera 11.60 and new problems with some secure servers". 2011-12-11. Archived on 2012-01-18. Error: If you specify |archivedate=, you must also specify |archiveurl=. http://my.opera.com/securitygroup/blog/2011/12/11/opera-11-60-and-new-problems-with-some-secure-servers. 
  96. 96.0 96.1 96.2 "Security changes in Opera 25; the poodle attacks". 2014-10-15. Archived from the original on 2014-10-20. https://web.archive.org/web/20141020091840/http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-attacks/. Retrieved 2014-10-28. 
  97. 97.0 97.1 97.2 97.3 "Unjam the logjam". 2015-06-09. Archived from the original on 2015-06-14. https://web.archive.org/web/20150614005330/http://blogs.opera.com/security/2015/06/unjam-the-logjam/. Retrieved 2015-06-11. 
  98. "Advisory: RC4 encryption protocol is vulnerable to certain brute force attacks". 2013-04-04. Archived from the original on 2015-03-15. https://web.archive.org/web/20150315052403/http://www.opera.com/ja/security/advisory/1046. Retrieved 2014-11-14. 
  99. "On the Precariousness of RC4". 2013-03-20. Archived from the original on 2013-11-12. https://web.archive.org/web/20131112235240/http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4. Retrieved 2014-11-17. 
  100. 100.0 100.1 100.2 100.3 100.4 "Opera 12 and Opera Mail security update". 2016-02-16. Archived from the original on 2016-02-16. https://web.archive.org/web/20160216143015/http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update/. Retrieved 2016-02-17. 
  101. "Dev.Opera — Opera 14 for Android Is Out!". 2013-05-21. Archived from the original on 2015-01-30. https://web.archive.org/web/20150130172538/https://dev.opera.com/blog/opera-14-for-android-is-out/. Retrieved 2014-09-23. 
  102. "Dev.Opera — Introducing Opera 15 for Computers, and a Fast Release Cycle". 2013-07-02. Archived from the original on 2014-09-02. https://web.archive.org/web/20140902081954/https://dev.opera.com/blog/introducing-opera-15-for-desktop-and-a-fast-release-cycle/. Retrieved 2014-09-23. 
  103. 103.0 103.1 same as Chrome 26–29
  104. 104.0 104.1 same as Chrome 30 and later
  105. 105.0 105.1 same as Chrome 33 and later
  106. Adrian, Dimcev. "Common browsers/libraries/servers and the associated cipher suites implemented". TLS Cipher Suites Project. Archived from the original on 2013-04-17. https://www.webcitation.org/6FwL0CvUM?url=http://www.carbonwind.net/TLS_Cipher_Suites_Project/tls_ssl_cipher_suites_annex_a1_main.docx. 
  107. Apple (2009-06-10). "Features". Archived from the original on 2013-04-17. https://www.webcitation.org/6FwL0oLMO?url=http://www.apple.com/safari/features.html. Retrieved 2009-06-10. 
  108. "Curl: Patch to add TLS 1.1 and 1.2 support & replace deprecated functions in SecureTransport". Archived from the original on 2017-03-01. https://web.archive.org/web/20170301142904/https://curl.haxx.se/mail/lib-2012-08/0120.html. 
  109. Qualys SSL Report: google.co.uk (simulation Safari 5.1.9 TLS 1.0)
  110. "Apple Secures Mac OS X with Mavericks Release – eSecurity Planet". 2013-10-25. Archived from the original on 2014-07-08. https://web.archive.org/web/20140708195022/http://www.esecurityplanet.com/mac-os-security/apple-secures-mac-os-x-with-mavericks-release.html. Retrieved 2014-06-23. 
  111. Ristic, Ivan. "Is BEAST Still a Threat?". qualys.com. Archived from the original on 2014-10-12. https://web.archive.org/web/20141012121824/https://community.qualys.com/blogs/securitylabs/2013/09/10/is-beast-still-a-threat. 
  112. 112.0 112.1 Ristić, Ivan (2013-10-31). "Apple enabled BEAST mitigations in OS X 10.9 Mavericks". Archived from the original on 2013-11-07. https://web.archive.org/web/20131107045223/http://blog.ivanristic.com/2013/10/apple-enabled-beast-mitigations-in-mavericks.html. Retrieved 2013-11-07. 
  113. Ristić, Ivan (2014-02-26). "Apple finally releases patch for BEAST". Archived from the original on 2014-07-14. https://web.archive.org/web/20140714162556/https://community.qualys.com/thread/12496. Retrieved 2014-07-01. 
  114. "About Security Update 2014-005". Archived from the original on 2014-10-24. https://web.archive.org/web/20141024181953/https://support.apple.com/kb/HT6531. 
  115. "About the security content of iOS 8.1". Archived from the original on 2014-10-23. https://web.archive.org/web/20141023104948/http://support.apple.com/kb/HT6541. 
  116. 116.0 116.1 116.2 "About Security Update 2015-002". Archived from the original on 2015-03-16. https://web.archive.org/web/20150316081731/https://support.apple.com/en-us/HT204413. Retrieved 2015-03-09. 
  117. 117.0 117.1 "About the security content of OS X Mavericks v10.9". Archived from the original on 2014-07-04. https://web.archive.org/web/20140704220956/http://support.apple.com/kb/HT6011. Retrieved 2014-06-20. 
  118. "User Agent Capabilities: Safari 8 / OS X 10.10". Qualsys SSL Labs. Archived from the original on 2015-09-06. https://web.archive.org/web/20150906044018/https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=8&platform=OS%20X%2010.10. Retrieved 2015-03-07. 
  119. "About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005". Archived from the original on 2015-07-02. https://web.archive.org/web/20150702202131/https://support.apple.com/en-us/HT204942. Retrieved 2015-07-03. 
  120. 120.0 120.1 "TLS 1.3 Support Coming with Safari 12.1". 2019-02-23. https://dev.iachieved.it/iachievedit/tls-1-3-support-coming-with-safari-12-1. 
  121. 121.0 121.1 121.2 Apple (2011-10-14). "Technical Note TN2287 – iOS 5 and TLS 1.2 Interoperability Issues". Archived from the original on 2011-09-07. https://web.archive.org/web/20110907013839/http://developer.apple.com/library/iOS/#technotes/tn2287/_index.html. Retrieved 2012-12-10. 
  122. Liebowitz, Matt (2011-10-13). "Apple issues huge software security patches". NBCNews.com. http://www.nbcnews.com/id/44896639. Retrieved 2012-12-10. 
  123. MWR Info Security (2012-04-16). "Adventures with iOS UIWebviews". Archived from the original on 2013-04-17. https://www.webcitation.org/6FwL2M2Mc?url=http://labs.mwrinfosecurity.com/blog/2012/04/16/adventures-with-ios-uiwebviews/. Retrieved 2012-12-10. , section "HTTPS (SSL/TLS)"
  124. "Secure Transport Reference". Archived from the original on 2014-06-04. https://web.archive.org/web/20140604052511/https://developer.apple.com/library/Mac/documentation/Security/Reference/secureTransportRef/Reference/reference.html#//apple_ref/c/tdef/SSLProtocol. Retrieved 2014-06-23.  kSSLProtocol2 is deprecated in iOS
  125. "iPhone 3.0: Mobile Safari Gets Enhanced Security Certificate Visualization". 2009-03-31. Archived on 2009-04-03. Error: If you specify |archivedate=, you must also specify |archiveurl=. http://www.theiphoneblog.com/2009/03/31/iphone-30-mobile-safari-enhanced-security-certificate-visualization/. 
  126. "Qualys SSL Labs – Projects / User Agent Capabilities: Safari 7 / iOS 7.1". Archived from the original on 2017-03-13. https://web.archive.org/web/20170313130545/https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=7&platform=iOS%207.1. 
  127. schurtertom (2013-10-11). "SOAP Request fails randomly on one Server but works on another on iOS7". https://stackoverflow.com/q/19221568. Retrieved 2014-01-05. 
  128. "User Agent Capabilities: Safari 8 / iOS 8.1.2". Qualsys SSL Labs. Archived from the original on 2016-03-04. https://web.archive.org/web/20160304062526/https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=8&platform=iOS%208.1.2. Retrieved 2015-03-07. 
  129. "About the security content of iOS 8.2". Archived from the original on 2015-03-09. https://web.archive.org/web/20150309201042/https://support.apple.com/en-us/HT204423. Retrieved 2015-03-09. 
  130. "About the security content of iOS 8.4". Archived from the original on 2015-07-03. https://web.archive.org/web/20150703014410/https://support.apple.com/en-us/HT204941. Retrieved 2015-07-03. 
  131. 131.0 131.1 Pauly, Tommy (2019-01-29). "TLS 1.3 in iOS". tls@ietf.org (Mailing list).
  132. Oracle. "7093640: Enable client-side TLS 1.2 by default". https://bugs.openjdk.java.net/browse/JDK-7093640. Retrieved 2018-08-30. 
  133. Oracle. "JEP 332: Transport Layer Security (TLS) 1.3". https://bugs.openjdk.java.net/browse/JDK-8145252. Retrieved 2018-08-30. 
  134. "Version 1.11.13, 2015-01-11 — Botan". 2015-01-11. Archived from the original on 2015-01-09. https://web.archive.org/web/20150109154102/http://botan.randombit.net/relnotes/1_11_13.html. Retrieved 2015-01-16. 
  135. "[gnutls-devel GnuTLS 3.4.0 released"]. 2015-04-08. Archived from the original on 2015-04-16. https://web.archive.org/web/20150416005543/http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007535.html. Retrieved 2015-04-16. 
  136. "[gnutls-devel gnutls 3.6.3"]. 2018-07-16. https://lists.gnupg.org/pipermail/gnutls-devel/2018-July/008584.html. Retrieved 2018-09-16. 
  137. "Java™ SE Development Kit 8, Update 31 Release Notes". Archived from the original on 2015-01-21. https://web.archive.org/web/20150121105601/http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html. Retrieved 2015-01-22. 
  138. "OpenBSD 5.6 Released". 2014-11-01. https://marc.info/?l=openbsd-announce&m=141486254309079&w=2. Retrieved 2015-01-20. 
  139. "LibreSSL 2.3.0 Released". 2015-09-23. https://marc.info/?l=openbsd-announce&m=144304330731220. Retrieved 2015-09-24. 
  140. "MatrixSSL – News". Archived from the original on 2015-02-14. https://web.archive.org/web/20150214105056/http://www.matrixssl.org/news.html. Retrieved 2014-11-09. 
  141. "mbed TLS 2.0.0 released". 2015-07-10. Archived from the original on 2015-09-25. https://web.archive.org/web/20150925030547/https://tls.mbed.org/tech-updates/releases/mbedtls-2.0.0-released. Retrieved 2015-07-14. 
  142. "NSS 3.19 release notes". Mozilla Developer Network. Mozilla. Archived from the original on 2015-06-05. https://web.archive.org/web/20150605054647/https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes. Retrieved 2015-05-06. 
  143. "NSS 3.14 release notes". Mozilla Developer Network. Mozilla. Archived from the original on 2013-01-17. https://web.archive.org/web/20130117130029/https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14_release_notes. Retrieved 2012-10-27. 
  144. "NSS 3.15.1 release notes". Mozilla Developer Network. Mozilla. Archived from the original on 2013-09-22. https://web.archive.org/web/20130922223238/https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.1_release_notes. Retrieved 2013-08-10. 
  145. "NSS 3.39 release notes". 2018-08-31. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes#Notable_Changes_in_NSS_3.39. Retrieved 2018-09-14. 
  146. "OpenSSL 1.1.0 Series Release Notes". Archived from the original on 2016-08-25. https://web.archive.org/web/20160825171308/https://www.openssl.org/news/openssl-1.1.0-notes.html. Retrieved 2016-10-02. 
  147. 147.0 147.1 "Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012"]. 2012-03-14. Archived from the original on January 20, 2015. https://web.archive.org/web/20150120120428/https://www.openssl.org/news/openssl-1.0.1-notes.html. Retrieved 2015-01-20. 
  148. "OpenSSL 1.1.1 Is Released". 2018-09-11. https://www.openssl.org/blog/blog/2018/09/11/release111/. Retrieved 2018-09-14. 
  149. "RSA BSAFE Technical Specification Comparison Tables". Archived from the original on 2015-09-24. https://web.archive.org/web/20150924043531/http://www.emc.com/collateral/data-sheet/11433-bsafe-tech-table.pdf. 
  150. TLS cipher suites in Microsoft Windows XP and 2003
  151. 151.0 151.1 SChannel Cipher Suites in Microsoft Windows Vista
  152. 152.0 152.1 152.2 TLS Cipher Suites in SChannel for Windows 7, 2008R2, 8, 2012
  153. "[wolfssl wolfSSL 3.6.6 Released"]. 2015-08-20. Archived from the original on 2015-10-17. https://web.archive.org/web/20151017033726/https://wolfssl.com/wolfSSL/Blog/Entries/2015/8/24_wolfSSL_3.6.6_is_Now_Available.html. Retrieved 2015-08-25. 
  154. "[wolfssl wolfSSL TLS1.3 support"]. 2017-02-13. https://github.com/wolfSSL/wolfssl/pull/661. Retrieved 2017-02-13. 
  155. "NSS 3.24 release notes". Mozilla Developer Network. Mozilla. Archived from the original on 2016-08-26. https://web.archive.org/web/20160826100711/https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.24_release_notes. Retrieved 2016-06-19. 
  156. "Technical Note TN2287: iOS 5 and TLS 1.2 Interoperability Issues". iOS Developer Library. Apple Inc.. Archived from the original on 2015-04-03. https://web.archive.org/web/20150403092122/https://developer.apple.com/library/ios/technotes/tn2287/. Retrieved 2012-05-03. 
  157. Qualys SSL Labs – Projects / User Agent Capabilities
  158. Georgiev, Martin and Iyengar, Subodh and Jana, Suman and Anubhai, Rishita and Boneh, Dan and Shmatikov, Vitaly (2012). The most dangerous code in the world: validating SSL certificates in non-browser software. Proceedings of the 2012 ACM conference on Computer and communications security. pp. 38–49. ISBN 978-1-4503-1651-4. http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf. 

This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.




Retrieved from "https://handwiki.org/wiki/index.php?title=Transport_Layer_Security_Adoption&oldid=2239447"