IETF officially deprecates TLS 1.0 and TLS 1.1

The Internet Engineering Task Force has formally deprecated the TLS 1.0 and TLS 1.1 cryptographic protocols on the grounds of security after several attacks were discovered over the past years that put encrypted internet communications relying on the two protocols at risk.

The IETF now recommends that all companies, government agencies, or software developers use the two latest versions of the TLS standard — namely TLS 1.2 and TLS 1.3, both deemed secure.

The formal deprecation process for both protocols started at the same time, in June 2018, and was driven by both the IETF and software vendors, including all the major browser makers.

The driving force behind the deprecation process was the large number of attacks that were revealed in previous years and which impacted the cryptographic algorithms at the base of the two protocols.

This included attacks like BEAST, POODLE, ROBOT, SWEET 32, LUCKY 13, and others, all of which showed how attackers could take advantage of weaknesses in both SSL and TLS 1.0/1.1 to compromise encrypted communications and attack organizations.

The recommended mitigations to address all these vulnerabilities were the same — to urge organizations to use newer versions of TLS that supported more powerful cryptographic algorithms that were resistant to attacks.

Browser makers help drive companies off TLS 1.0/1.1

But while the TLS 1.0/1.1 deprecation process formally started in June 2018, it got its biggest boost in October 2018 when all browser makers, such as Apple, Google, Microsoft, and Mozilla, announced plans to drop TLS 1.0 and TLS 1.1 from their code.

That process was scheduled for early 2020 but got delayed to the latter half of the year due to the COVID-19 pandemic, but the process has officially ended, and no modern browser today supports websites loaded via HTTPS set up via either TLS 1.0 or TLS 1.1.

But the deprecation process was also supported by adjacent organizations. For example, the PCI Council, which manages the PCI DSS standard, used as a minimum regulatory compliance mechanism in many financial payment systems, has also mandated the use of at least TLS 1.2 since July 2018.

Various CERTs and national security agencies have also worked to alert companies and encourage them to migrate IT infrastructure to newer standards. One of the most recent efforts came from the US' shadowy National Security Agency (NSA), which issued a rare guidance document [PDF], urging companies and government organizations to replace obsolete protocols such as TLS 1.0 and TLS 1.1.

32 million devices still use TLS 1.0/1.1

However, despite these efforts, some organizations are still lagging behind, or the two protocols may never get to be replaced because it was shipped with servers running on devices that don't include an update mechanism.

Currently, according to IoT search engine Shodan, there are more than 32 million servers and devices still exposing a TLS 1.0 and TLS 1.1 connection point online.

TLS 1.0 and 1.1 have officially been deprecated. Here are the websites that still support them: https://t.co/OUYUCNgpo1 pic.twitter.com/0JVeaNgw4X

— Shodan (@shodanhq) March 25, 2021

While some systems may never be updated, it is crucial to understand that both protocols are extremely out of date, with TLS 1.0 being introduced in 1999, while TLS 1.1 was released in 2006, long before attackers had the computational resources they have today to orchestrate advanced heavy-duty cryptographic attacks.