Menu
Home Explore People Places Arts History Plants & Animals Science Life & Culture Technology
On this page
Version history for TLS/SSL support in web browsers
History of web browser protocol support

Version history for TLS/SSL support in web browsers tracks the implementation of Transport Layer Security protocol versions in major web browsers.

TLS/SSL support history of web browsers
Browseror OS APIVersionPlatformsSSL protocolsTLS protocolsCertificate supportVulnerabilityProtocol selection by user
SSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EVSHA-2ECDSABEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjam
Google Chrome(Chrome for Android)1–9Windows (10+)macOS (11+)LinuxAndroid (8.0+)iOS (16+)ChromeOSDisabled by defaultYesYesNoNoNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedVulnerable(HTTPS)VulnerableVulnerableVulnerable(except Windows)VulnerableYes
10–20NoYesYesNoNoNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedVulnerable(HTTPS/SPDY)VulnerableVulnerableVulnerable(except Windows)VulnerableYes
21NoYesYesNoNoNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedMitigatedVulnerableVulnerableVulnerable(except Windows)VulnerableYes
22–29NoYesYesYesNoNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedMitigatedVulnerableVulnerableVulnerable(except Windows)VulnerableTemporary
30–32NoYesYesYesYesNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedMitigatedVulnerableVulnerableVulnerable(except Windows)VulnerableTemporary
33–37NoYesYesYesYesNoYes(only desktop)Requires SHA-2 compatible OSNeeds ECC compatible OSNot affectedMitigatedPartly mitigatedLowest priorityVulnerable(except Windows)VulnerableTemporary
38, 39NoYesYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedPartly mitigatedLowest priorityVulnerable(except Windows)VulnerableTemporary
40NoDisabled by defaultYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedMitigatedLowest priorityVulnerable(except Windows)VulnerableYes
41, 42NoDisabled by defaultYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedMitigatedLowest priorityMitigatedVulnerableYes
43NoDisabled by defaultYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedMitigatedOnly as fallbackMitigatedVulnerableYes
44–47NoNoYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedNot affectedOnly as fallbackMitigatedMitigatedTemporary
48, 49NoNoYesYesYesNoYes(only desktop)YesNeeds ECC compatible OSNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
50–53NoNoYesYesYesNoYes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
54–66NoNoYesYesYesDisabled by default(draft version)Yes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
67–69NoNoYesYesYesYes(draft version)Yes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
70–83NoNoYesYesYesYesYes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
84–90NoNoWarn by defaultWarn by defaultYesYesYes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
91–135NoNoNoNoYesYesYes(only desktop)YesYesNot affectedMitigatedNot affectedDisabled by defaultMitigatedMitigatedTemporary
ESC 136137
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Microsoft Edge(Chromium-based)OS-independent79–83Windows (10+)macOS (11+)Linux Android (8.0+)iOS (16+)NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedYes
84–90NoNoWarn by defaultWarn by defaultYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedYes
91-135NoNoNoNoYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedYes
ESC 136137
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Mozilla Firefox(Firefox for mobile)1.0, 1.5Windows (10+)macOS (10.15+)LinuxAndroid (5.0+)iOS (15+)Firefox OSMaemoESR 115 only for:Windows (7–8.1)macOS (10.12–10.14)ESR 128+ only for:Windows (10+)macOS (10.15+)LinuxYesYesYesNoNoNoNoYesNoNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes
2Disabled by defaultYesYesNoNoNoNoYesYesNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes
3–7Disabled by defaultYesYesNoNoNoYesYesYesNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes
8–10ESR 10NoYesYesNoNoNoYesYesYesNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes
11–14NoYesYesNoNoNoYesYesYesNot affectedVulnerable(SPDY)VulnerableVulnerableNot affectedVulnerableYes
15–22ESR 17.0–17.0.10NoYesYesNoNoNoYesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes
ESR 17.0.11NoYesYesNoNoNoYesYesYesNot affectedMitigatedVulnerableLowest priorityNot affectedVulnerableYes
23NoYesYesDisabled by defaultNoNoYesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes
24, 25.0.0ESR 24.0–24.1.0NoYesYesDisabled by defaultDisabled by defaultNoYesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes
25.0.1, 26ESR 24.1.1–24.8.1NoYesYesDisabled by defaultDisabled by defaultNoYesYesYesNot affectedMitigatedVulnerableLowest priorityNot affectedVulnerableYes
27–33ESR 31.0–31.2.0NoYesYesYesYesNoYesYesYesNot affectedMitigatedVulnerableLowest priorityNot affectedVulnerableYes
34, 35ESR 31.3.0–31.7.0NoDisabled by defaultYesYesYesNoYesYesYesNot affectedMitigatedMitigatedLowest priorityNot affectedVulnerableYes
ESR 31.8.0NoDisabled by defaultYesYesYesNoYesYesYesNot affectedMitigatedMitigatedLowest priorityNot affectedMitigatedYes
36–38ESR 38.0–38.0.1NoDisabled by defaultYesYesYesNoYesYesYesNot affectedMitigatedMitigatedOnly as fallbackNot affectedVulnerableYes
ESR 38.1.0–38.8.0NoDisabled by defaultYesYesYesNoYesYesYesNot affectedMitigatedMitigatedOnly as fallbackNot affectedMitigatedYes
39–43NoNoYesYesYesNoYesYesYesNot affectedMitigatedNot affectedOnly as fallbackNot affectedMitigatedYes
44–48ESR 45NoNoYesYesYesNoYesYesYesNot affectedMitigatedNot affectedDisabled by defaultNot affectedMitigatedYes
49–59ESR 52NoNoYesYesYesDisabled by default(draft version)YesYesYesNot affectedMitigatedNot affectedDisabled by defaultNot affectedMitigatedYes
60–62ESR 60NoNoYesYesYesYes(draft version)YesYesYesNot affectedMitigatedNot affectedDisabled by defaultNot affectedMitigatedYes
63–77ESR 68NoNoYesYesYesYesYesYesYesNot affectedMitigatedNot affectedDisabled by defaultNot affectedMitigatedYes
78–138ESR 78–115.23ESR 128.0–128.10NoNoDisabled by defaultDisabled by defaultYesYesYesYesYesNot affectedMitigatedNot affectedDisabled by defaultNot affectedMitigatedYes
ESR 115.24
ESR 128.11
139
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Microsoft Internet Explorer(1–10)Windows Schannel1.xWindows 3.1, 95, NT,Mac OS 7, 8No SSL/TLS support
2YesNoNoNoNoNoNoNoNoNo SSL 3.0 or TLS supportVulnerableVulnerableVulnerable
3YesYesNoNoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerable?
4, 5, 6Windows 3.1, 95, 98, NT, 2000Mac OS 7.1, 8, X,Solaris, HP-UXYesYesDisabled by defaultNoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableYes
6Windows XPYesYesDisabled by defaultNoNoNoNoYes (Since SP3)NoMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableYes
7, 8Disabled by defaultYesYesNoNoNoYesYes (Since SP3)NoMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableYes
6Server 2003YesYesDisabled by defaultNoNoNoNoYes(KB938397+KB968730)NoMitigatedNot affectedVulnerableVulnerableMitigatedMitigatedYes
7, 8Disabled by defaultYesYesNoNoNoYesYes(KB938397+KB968730)NoMitigatedNot affectedVulnerableVulnerableMitigatedMitigatedYes
7, 8, 9Windows VistaDisabled by defaultYesYesNoNoNoYesYesYesMitigatedNot affectedVulnerableVulnerableMitigatedMitigatedYes
7, 8, 9Server 2008Disabled by defaultYesYesDisabled by default(KB4019276)Disabled by default(KB4019276)NoYesYesYesMitigatedNot affectedVulnerableVulnerableMitigatedMitigatedYes
8, 9, 107, 8Server 2008 R2Server 2012Disabled by defaultYesYesDisabled by defaultDisabled by defaultNoYesYesYesMitigatedNot affectedVulnerableLowest priorityMitigatedMitigatedYes
Internet Explorer 11Windows Schannel117, 8.1Server 2008 R2Server 2012Server 2012 R2Disabled by defaultDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Microsoft Edge(12–18)(EdgeHTML-based)Client onlyInternet Explorer 11Windows Schannel1112–13Windows 10 15071511Disabled by defaultYesYesYesYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
1114–18(client only)Windows 10 16072004Windows Server (SAC)1709–2004NoDisabled by defaultYesYesYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Internet Explorer 11Windows Schannel11Windows 10 20H221H2Windows Server (SAC)20H2NoDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 10 22H2
Windows SchannelWindows 11 21H2NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 11 22H2(Home/Pro)NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 11 22H2(Ent/Edu)
Windows 11 23H2(Home/Pro)NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 11 23H2(Ent/Edu)
Windows 11 24H2NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Internet Explorer 11LTSB/LTSCWindows SchannelLTSB/LTSC11Windows 10LTSB 2015 (1507)Disabled by defaultYesDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 10LTSB 2016 (1607)NoDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows Server 2016(LTSB/1607)NoDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 10LTSC 2019 (1809)Windows Server 2019(LTSC/1809)NoDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows 10LTSC 2021 (21H2)NoDisabled by defaultDisabled by defaultDisabled by defaultYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows Server 2022(LTSC/21H2)NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows SchannelLTSCWindows 11LTSC 2024 (24H2)NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Windows Server 2025(LTSC/24H2)NoDisabled by defaultDisabled by defaultDisabled by defaultYesYesYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedYes
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Microsoft Internet Explorer Mobile7–9Windows Phone 7, 7.5, 7.8Disabled by defaultYesYesNoNoNoNoYesYes?Not affectedVulnerableVulnerableVulnerableVulnerableOnly with 3rd party tools
10Windows Phone 8Disabled by defaultYesYesDisabled by defaultDisabled by defaultNoNoYesYesMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableOnly with 3rd party tools
11Windows Phone 8.1Disabled by defaultYesYesYesYesNoNoYesYesMitigatedNot affectedVulnerableOnly as fallbackVulnerableVulnerableOnly with 3rd party tools
Microsoft Edge(13–15)(EdgeHTML-based)13Windows 10 Mobile 1511Disabled by defaultDisabled by defaultYesYesYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedNo
14, 15Windows 10 Mobile1607–1709NoDisabled by defaultYesYesYesNoYesYesYesMitigatedNot affectedMitigatedDisabled by defaultMitigatedMitigatedNo
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Apple Safari1Mac OS X 10.2, 10.3NoYesYesNoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
2–5Mac OS X 10.4, 10.5, Win XPNoYesYesNoNoNoYes (Since v3.2)NoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
3–5Vista, Win 7NoYesYesNoNoNoYes (Since v3.2)NoYesVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
4–6Mac OS X 10.6, 10.7NoYesYesNoNoNoYesYesYesVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
6OS X 10.8NoYesYesNoNoNoYesYesYesMitigatedNot affectedMitigatedVulnerableMitigatedVulnerableNo
7, 9OS X 10.9NoYesYesYesYesNoYesYesYesMitigatedNot affectedMitigatedVulnerableMitigatedVulnerableNo
8–10OS X 10.10NoYesYesYesYesNoYesYesYesMitigatedNot affectedMitigatedLowest priorityMitigatedMitigatedNo
9–11OS X 10.11NoNoYesYesYesNoYesYesYesMitigatedNot affectedNot affectedLowest priorityMitigatedMitigatedNo
10–15macOS10.12, 10.13,10.14, 10.15NoNoYesYesYesYes (Since macOS 10.14.4)YesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
14–17macOS 11, 12NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
16, 1718macOS 13NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
1718macOS 14NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
18macOS 15NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
26macOS 26NoNo??YesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Apple Safari(mobile)3iPhone OS 1, 2NoYesYesNoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
4, 5iPhone OS 3, iOS 4NoYesYesNoNoNoYesYesYes (Since iOS 4)VulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
5, 6iOS 5, 6NoYesYesYesYesNoYesYesYesVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
7iOS 7NoYesYesYesYesNoYesYesYesMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableNo
8iOS 8NoYesYesYesYesNoYesYesYesMitigatedNot affectedMitigatedLowest priorityMitigatedMitigatedNo
9iOS 9NoNoYesYesYesNoYesYesYesMitigatedNot affectedNot affectedLowest priorityMitigatedMitigatedNo
10, 11iOS 10, 11NoNoYesYesYesNoYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
12iOSiOS 12NoNoYesYesYesYes (Since iOS 12.2)YesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
13–16iOS13, 14, 15, 16NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
iPadOS13, 14, 15, 16
17iOS 17NoNoYesYesYesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
iPadOS 17
18iOS 18NoNo??YesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
iPadOS 18
26iOS 26NoNo??YesYesYesYesYesMitigatedNot affectedNot affectedDisabled by defaultMitigatedMitigatedNo
iPadOS 26
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EVSHA-2ECDSABEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Google Android OSAndroid 1.0–4.0.4NoYesYesNoNoNo?YesYes (Since 3.0)??VulnerableVulnerableVulnerableVulnerableNo
Android 4.1–4.4.4NoYesYesDisabled by defaultDisabled by defaultNo?YesYes??VulnerableVulnerableVulnerableVulnerableNo
Android 5.0–5.0.2NoYesYesYesYesNo?YesYes??VulnerableVulnerableVulnerableVulnerableNo
Android 5.1–5.1.1NoDisabled by defaultYesYesYesNo?YesYes??Not affectedOnly as fallbackMitigatedMitigatedNo
Android 6.07.1.2NoDisabled by defaultYesYesYesNo?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 8.09NoNoYesYesYesNo?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 1012LNoNoYesYesYesYes?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 13NoNoYesYesYesYes?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 14NoNoYesYesYesYes?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 15NoNo??YesYes?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Android 16NoNo??YesYes?YesYes??Not affectedDisabled by defaultMitigatedMitigatedNo
Browseror OS APIVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0 (deprecated)TLS 1.1 (deprecated)TLS 1.2TLS 1.3EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Color or NoteSignificance
Browser versionPlatform
Browser versionOperating systemFuture release; under development
Browser versionOperating systemCurrent latest release
Browser versionOperating systemFormer release; still supported
Browser versionOperating systemFormer release; long-term support still active, but will end in less than 12 months
Browser versionOperating systemFormer release; no longer supported
Operating systemMixed/Unspecified
Operating system (Version+)Minimum required operating system version (for supported versions of the browser)
Operating systemNo longer supported for this operating system
Notes
We don't have any images related to Version history for TLS/SSL support in web browsers yet.
We don't have any YouTube videos related to Version history for TLS/SSL support in web browsers yet.
We don't have any PDF documents related to Version history for TLS/SSL support in web browsers yet.
We don't have any Books related to Version history for TLS/SSL support in web browsers yet.
We don't have any archived web articles related to Version history for TLS/SSL support in web browsers yet.

References

  1. Note actual security depends on other factors such as negotiated cipher, encryption strength, etc. (see § Cipher table).

  2. Whether a user or administrator can choose the protocols to be used or not. If yes, several attacks such as BEAST (vulnerable in SSL 3.0 and TLS 1.0) or POODLE (vulnerable in SSL 3.0) can be avoided.

  3. Whether EV SSL and DV SSL (normal SSL) can be distinguished by indicators (green lock icon, green address bar, etc.) or not.

  4. "What browsers support Extended Validation (EV) and display an EV indicator?". Symantec. Archived from the original on 2015-12-31. Retrieved 2014-07-28. https://web.archive.org/web/20151231171309/https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO10090&actp=search&viewlocale=en_US&searchid=1406590748892

  5. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  6. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  7. e.g. 1/n-1 record splitting.

  8. e.g. Disabling header compression in HTTPS/SPDY. /wiki/HTTPS

  9. Complete mitigations; disabling SSL 3.0 itself, "anti-POODLE record splitting". "Anti-POODLE record splitting" is effective only with client-side implementation and valid according to the SSL 3.0 specification, however, it may also cause compatibility issues due to problems in server-side implementations. Partial mitigations; disabling fallback to SSL 3.0, TLS_FALLBACK_SCSV, disabling cipher suites with CBC mode of operation. If the server also supports TLS_FALLBACK_SCSV, the POODLE attack will fail against this combination of server and browser, but connections where the server does not support TLS_FALLBACK_SCSV and does support SSL 3.0 will still be vulnerable. If disabling cipher suites with CBC mode of operation in SSL 3.0, only cipher suites with RC4 are available, RC4 attacks become easier. When disabling SSL 3.0 manually, POODLE attack will fail. /wiki/Block_cipher_mode_of_operation#Cipher-block_chaining_(CBC)

  10. Complete mitigation; disabling cipher suites with RC4. Partial mitigations to keeping compatibility with old systems; setting the priority of RC4 to lower.

  11. "Tracking the FREAK Attack". Archived from the original on 2015-03-06. Retrieved 2015-03-08. https://freakattack.com

  12. "FREAK: Factoring RSA Export Keys". Archived from the original on 2015-03-11. Retrieved 2015-03-08. https://www.smacktls.com/#freak

  13. Google Chrome (and Chromium) supports TLS 1.0, and TLS 1.1 from version 22 (it was added, then dropped from version 21). TLS 1.2 support had been added, then dropped from Chrome 29.[6][7][8] /wiki/Google_Chrome

  14. Uses the TLS implementation provided by BoringSSL for Android, OS X, and Windows[9] or by NSS for Linux. Google is switching the TLS library used in Chrome to BoringSSL from NSS completely. /wiki/BoringSSL

  15. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  16. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  17. "Chrome Stable Release". Chrome Releases. 2011-10-25. Archived from the original on 2015-02-20. Retrieved 2015-02-01. http://googlechromereleases.blogspot.jp/2011/10/chrome-stable-release.html

  18. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  19. "SVN revision log on Chrome 10.0.648.127 release". Archived from the original on 2014-06-19. Retrieved 2014-06-19. https://archive.today/20140619142454/http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=72316:67679&mode=html

  20. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  21. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  22. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  23. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  24. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  25. "ImperialViolet – CRIME". 2012-09-22. Archived from the original on 2015-01-10. Retrieved 2014-10-18. https://www.imperialviolet.org/2012/09/21/crime.html

  26. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  27. "SSL/TLS Overview". 2008-08-06. Archived from the original on 2013-07-03. Retrieved 2013-03-29. https://sites.google.com/site/tlsssloverview/ssl-v-tls/tls-versions-and-browser-compatability

  28. "SSL/TLS Overview". 2008-08-06. Archived from the original on 2013-07-03. Retrieved 2013-03-29. https://sites.google.com/site/tlsssloverview/ssl-v-tls/tls-versions-and-browser-compatability

  29. "Chromium Issue 90392". 2008-08-06. Archived from the original on 2013-08-03. Retrieved 2013-06-28. https://code.google.com/p/chromium/issues/detail?id=90392

  30. "Issue 23503030 Merge 219882". 2013-09-03. Archived from the original on 2014-02-26. Retrieved 2013-09-19. https://codereview.chromium.org/23503030

  31. "Issue 278370: Unable to submit client certificates over TLS 1.2 from Windows". 2013-08-23. Archived from the original on 2013-10-05. Retrieved 2013-10-03. https://code.google.com/p/chromium/issues/detail?id=278370

  32. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  33. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  34. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  35. "Chromium Issue 90392". 2008-08-06. Archived from the original on 2013-08-03. Retrieved 2013-06-28. https://code.google.com/p/chromium/issues/detail?id=90392

  36. "Issue 23503030 Merge 219882". 2013-09-03. Archived from the original on 2014-02-26. Retrieved 2013-09-19. https://codereview.chromium.org/23503030

  37. "Issue 278370: Unable to submit client certificates over TLS 1.2 from Windows". 2013-08-23. Archived from the original on 2013-10-05. Retrieved 2013-10-03. https://code.google.com/p/chromium/issues/detail?id=278370

  38. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  39. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  40. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  41. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  42. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  43. TLS_FALLBACK_SCSV is implemented.[17] Fallback to SSL 3.0 is disabled since version 39.[18]

  44. "Stable Channel Update". Mozilla Developer Network. 2014-02-20. Archived from the original on 2014-10-24. Retrieved 2014-11-14. http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html

  45. "Changelog for Chrome 33.0.1750.117". Google. Archived from the original on 2014-01-16. Retrieved 2014-11-14. https://archive.today/20140116153037/http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=232870:241107&mode=html

  46. "Issue 318442: Update to NSS 3.15.3 and NSPR 4.10.2". Archived from the original on 2015-03-15. Retrieved 2014-11-14. https://code.google.com/p/chromium/issues/detail?id=318442

  47. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  48. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  49. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  50. "An update on SSLv3 in Chrome". Security-dev. 2014-10-31. Retrieved 2014-11-04. https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/Vnhy9aKM_l4

  51. "Issue 693963003: Add minimum TLS version control to about:flags and Finch gate it. – Code Review". Archived from the original on 2015-04-16. Retrieved 2015-01-22. https://codereview.chromium.org/693963003

  52. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  53. In addition to TLS_FALLBACK_SCSV and disabling a fallback to SSL 3.0, SSL 3.0 itself is disabled by default.[18]

  54. Configure the minimum version of enabling protocols via chrome://flags[22] (the maximum version can be configured with command-line option).

  55. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  56. Configure the minimum version of enabling protocols via chrome://flags[22] (the maximum version can be configured with command-line option).

  57. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  58. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  59. "Issue 375342: Drop RC4 Support". Archived from the original on 2015-09-12. Retrieved 2015-05-22. https://code.google.com/p/chromium/issues/detail?id=375342

  60. Configure the minimum version of enabling protocols via chrome://flags[22] (the maximum version can be configured with command-line option).

  61. "Issue 436391: Add info on end of life of SSLVersionFallbackMin & SSLVersionMin policy in documentation". Archived from the original on 2015-04-18. Retrieved 2015-04-19. https://code.google.com/p/chromium/issues/detail?id=436391

  62. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  63. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  64. "Issue 490240: Increase minimum DH size to 1024 bits (tracking bug)". Archived from the original on 2015-09-12. Retrieved 2015-05-29. https://code.google.com/p/chromium/issues/detail?id=490240

  65. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  66. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  67. All RC4 cipher suites are disabled by default.

  68. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  69. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  70. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  71. All RC4 cipher suites are disabled by default.

  72. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  73. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  74. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  75. All RC4 cipher suites are disabled by default.

  76. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  77. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  78. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  79. All RC4 cipher suites are disabled by default.

  80. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  81. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  82. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  83. All RC4 cipher suites are disabled by default.

  84. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  85. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  86. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  87. All RC4 cipher suites are disabled by default.

  88. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  89. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  90. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  91. "Chrome Enterprise release notes - Google Chrome Enterprise Help". https://support.google.com/chrome/a/answer/7679408?hl=en

  92. "Chrome Enterprise release notes - Google Chrome Enterprise Help". https://support.google.com/chrome/a/answer/7679408?hl=en

  93. All RC4 cipher suites are disabled by default.

  94. "Intent to deprecate: RC4". Retrieved 2015-12-21. https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/2BW3INFdDwAJ

  95. "An update on SHA-1 certificates in Chrome". 2015-12-18. Archived from the original on 2015-12-18. Retrieved 2015-12-21. https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html

  96. configure the maximum and the minimum version of enabling protocols with command-line option. /wiki/Command-line

  97. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  98. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  99. "Microsoft Edge Browser Policy Documentation | Microsoft Docs". Docs.microsoft.com. 2021-10-15. Retrieved 2022-02-15. https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#sslversionmin

  100. "Microsoft Edge Browser Policy Documentation | Microsoft Docs". Docs.microsoft.com. 2021-10-15. Retrieved 2022-02-15. https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#sslversionmin

  101. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  102. Uses the TLS implementation provided by NSS. As of Firefox 22, Firefox supports only TLS 1.0 despite the bundled NSS supporting TLS 1.1. Since Firefox 23, TLS 1.1 can be enabled, but was not enabled by default due to issues. Firefox 24 has TLS 1.2 support disabled by default. TLS 1.1 and TLS 1.2 have been enabled by default in Firefox 27 release. /wiki/Network_Security_Services

  103. "Security in Firefox 2". 2008-08-06. Archived from the original on 2014-07-14. Retrieved 2009-03-31. https://developer.mozilla.org/en-US/Firefox/Releases/2/Security_changes

  104. "Security in Firefox 2". 2008-08-06. Archived from the original on 2014-07-14. Retrieved 2009-03-31. https://developer.mozilla.org/en-US/Firefox/Releases/2/Security_changes

  105. "Security in Firefox 2". 2008-08-06. Archived from the original on 2014-07-14. Retrieved 2009-03-31. https://developer.mozilla.org/en-US/Firefox/Releases/2/Security_changes

  106. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  107. "Attack against TLS-protected communications". Mozilla Security Blog. Mozilla. 2011-09-27. Archived from the original on 2015-03-04. Retrieved 2015-02-01. https://blog.mozilla.org/security/2011/09/27/attack-against-tls-protected-communications

  108. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  109. "Security in Firefox 2". 2008-08-06. Archived from the original on 2014-07-14. Retrieved 2009-03-31. https://developer.mozilla.org/en-US/Firefox/Releases/2/Security_changes

  110. "Introduction to SSL". MDN. Archived from the original on 2014-07-14. Retrieved 2014-06-19. https://developer.mozilla.org/en-US/docs/Introduction_to_SSL

  111. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  112. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  113. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  114. "Introduction to SSL". MDN. Archived from the original on 2014-07-14. Retrieved 2014-06-19. https://developer.mozilla.org/en-US/docs/Introduction_to_SSL

  115. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  116. "ImperialViolet – CRIME". 2012-09-22. Archived from the original on 2015-01-10. Retrieved 2014-10-18. https://www.imperialviolet.org/2012/09/21/crime.html

  117. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  118. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  119. "NSS 3.15.3 Release Notes". Mozilla Developer Network. Mozilla. Archived from the original on 2014-06-05. Retrieved 2014-07-13. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.15.3_release_notes

  120. "MFSA 2013-103: Miscellaneous Network Security Services (NSS) vulnerabilities". Mozilla. Archived from the original on 2014-07-14. Retrieved 2014-07-13. https://www.mozilla.org/security/announce/2013/mfsa2013-103.html

  121. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  122. "Bug 565047 – (RFC4346) Implement TLS 1.1 (RFC 4346)". Retrieved 2013-10-29. https://bugzilla.mozilla.org/show_bug.cgi?id=565047

  123. Configure the maximum and the minimum version of enabling protocols via about:config.

  124. "Bug 480514 – Implement support for TLS 1.2 (RFC 5246)". Retrieved 2013-10-29. https://bugzilla.mozilla.org/show_bug.cgi?id=480514

  125. Configure the maximum and the minimum version of enabling protocols via about:config.

  126. "NSS 3.15.3 Release Notes". Mozilla Developer Network. Mozilla. Archived from the original on 2014-06-05. Retrieved 2014-07-13. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.15.3_release_notes

  127. "MFSA 2013-103: Miscellaneous Network Security Services (NSS) vulnerabilities". Mozilla. Archived from the original on 2014-07-14. Retrieved 2014-07-13. https://www.mozilla.org/security/announce/2013/mfsa2013-103.html

  128. Configure the maximum and the minimum version of enabling protocols via about:config.

  129. "Bug 733647 – Implement TLS 1.1 (RFC 4346) in Gecko (Firefox, Thunderbird), on by default". Retrieved 2013-12-04. https://bugzilla.mozilla.org/show_bug.cgi?id=733647

  130. "Firefox Notes – Desktop". 2014-02-04. Archived from the original on 2014-02-07. Retrieved 2014-02-04. https://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/27.0/releasenotes

  131. "Bug 861266 – Implement TLS 1.2 (RFC 5246) in Gecko (Firefox, Thunderbird), on by default". Retrieved 2013-11-18. https://bugzilla.mozilla.org/show_bug.cgi?id=861266

  132. "Firefox Notes – Desktop". 2014-02-04. Archived from the original on 2014-02-07. Retrieved 2014-02-04. https://website-archive.mozilla.org/www.mozilla.org/firefox_releasenotes/en-US/firefox/27.0/releasenotes

  133. Configure the maximum and the minimum version of enabling protocols via about:config.

  134. "The POODLE Attack and the End of SSL 3.0". Mozilla blog. Mozilla. 2014-10-14. Archived from the original on 2014-10-18. Retrieved 2014-10-28. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0

  135. "Firefox — Notes (34.0) — Mozilla". mozilla.org. 2014-12-01. Archived from the original on 2015-04-09. Retrieved 2015-04-03. https://www.mozilla.org/en-US/firefox/34.0/releasenotes

  136. SSL 3.0 itself is disabled by default.[40] In addition, fallback to SSL 3.0 is disabled since version 34,[42] and TLS_FALLBACK_SCSV is implemented since 35.0 and ESR 31.3.0.[40][43]

  137. Configure the maximum and the minimum version of enabling protocols via about:config.

  138. "Bug 1166031 – Update to NSS 3.19.1". bugzilla.mozilla.org. Retrieved 2015-05-29. https://bugzilla.mozilla.org/show_bug.cgi?id=1166031

  139. Configure the maximum and the minimum version of enabling protocols via about:config.

  140. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  141. "Bug 1088915 – Stop offering RC4 in the first handshakes". bugzilla.mozilla.org. Retrieved 2014-11-04. https://bugzilla.mozilla.org/show_bug.cgi?id=1088915

  142. Configure the maximum and the minimum version of enabling protocols via about:config.

  143. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  144. "Bug 1166031 – Update to NSS 3.19.1". bugzilla.mozilla.org. Retrieved 2015-05-29. https://bugzilla.mozilla.org/show_bug.cgi?id=1166031

  145. Configure the maximum and the minimum version of enabling protocols via about:config.

  146. "Firefox — Notes (39.0) — Mozilla". mozilla.org. 2015-06-30. Archived from the original on 2015-07-03. Retrieved 2015-07-03. https://www.mozilla.org/en-US/firefox/39.0/releasenotes

  147. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  148. "Bug 1166031 – Update to NSS 3.19.1". bugzilla.mozilla.org. Retrieved 2015-05-29. https://bugzilla.mozilla.org/show_bug.cgi?id=1166031

  149. Configure the maximum and the minimum version of enabling protocols via about:config.

  150. All RC4 cipher suites are disabled by default.

  151. "Google, Microsoft, and Mozilla will drop RC4 encryption in Chrome, Edge, IE, and Firefox next year". VentureBeat. 2015-09-01. Archived from the original on 2015-09-05. Retrieved 2015-09-05. https://venturebeat.com/2015/09/01/google-microsoft-and-mozilla-will-drop-rc4-support-in-chrome-edge-ie-and-firefox-next-year

  152. "Intent to ship: RC4 disabled by default in Firefox 44". Archived from the original on 2011-01-22. Retrieved 2015-10-18. https://groups.google.com/forum/#!searchin/mozilla.dev.platform/rc4/mozilla.dev.platform/JIEFcrGhqSM/CIjtpwxoLQAJ

  153. "RC4 is now allowed only on whitelisted sites (Reverted)". Retrieved 2015-11-02. https://www.fxsitecompat.com/en-US/docs/2015/rc4-is-now-allowed-only-on-whitelisted-sites

  154. "Firefox — Notes (44.0) — Mozilla". mozilla.org. 2016-01-26. Archived from the original on 2016-03-04. Retrieved 2016-03-09. https://www.mozilla.org/en-US/firefox/44.0/releasenotes

  155. Configure the maximum and the minimum version of enabling protocols via about:config.

  156. "Bug 1342082 – Disable TLS 1.3 for FF52 Release". Retrieved 2017-03-29. https://bugzilla.mozilla.org/show_bug.cgi?id=1342082

  157. All RC4 cipher suites are disabled by default.

  158. Configure the maximum and the minimum version of enabling protocols via about:config.

  159. All RC4 cipher suites are disabled by default.

  160. Configure the maximum and the minimum version of enabling protocols via about:config.

  161. All RC4 cipher suites are disabled by default.

  162. Configure the maximum and the minimum version of enabling protocols via about:config.

  163. "Firefox 78.0, See All New Features, Updates and Fixes". https://www.mozilla.org/en-US/firefox/78.0/releasenotes

  164. "Firefox 78.0, See All New Features, Updates and Fixes". https://www.mozilla.org/en-US/firefox/78.0/releasenotes

  165. All RC4 cipher suites are disabled by default.

  166. Configure the maximum and the minimum version of enabling protocols via about:config.

  167. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  168. Windows NT 3.1 supports IE 1–2, Windows NT 3.5 supports IE 1–3, Windows NT 3.51 and Windows NT 4.0 supports IE 1–6. /wiki/Windows_NT_3.1

  169. Windows XP as well as Server 2003 and older support only weak ciphers like Triple DES and RC4 out of the box.[58] The weak ciphers of these Schannel version are not only used for IE, but also for other Microsoft products running on this OS, like Microsoft Office or Windows Update. Only Windows Server 2003 can get a manual update to support AES ciphers by KB948963[59] /wiki/Triple_DES

  170. "What browsers only support SSLv2?". Retrieved 2014-06-19. https://stackoverflow.com/q/881563

  171. Windows NT 3.1 supports IE 1–2, Windows NT 3.5 supports IE 1–3, Windows NT 3.51 and Windows NT 4.0 supports IE 1–6. /wiki/Windows_NT_3.1

  172. Windows XP as well as Server 2003 and older support only weak ciphers like Triple DES and RC4 out of the box.[58] The weak ciphers of these Schannel version are not only used for IE, but also for other Microsoft products running on this OS, like Microsoft Office or Windows Update. Only Windows Server 2003 can get a manual update to support AES ciphers by KB948963[59] /wiki/Triple_DES

  173. "What browsers only support SSLv2?". Retrieved 2014-06-19. https://stackoverflow.com/q/881563

  174. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  175. Windows XP as well as Server 2003 and older support only weak ciphers like Triple DES and RC4 out of the box.[58] The weak ciphers of these Schannel version are not only used for IE, but also for other Microsoft products running on this OS, like Microsoft Office or Windows Update. Only Windows Server 2003 can get a manual update to support AES ciphers by KB948963[59] /wiki/Triple_DES

  176. MS13-095 or MS14-049 for Windows Server 2003, Windows XP x64 and Windows XP SP3 (32-bit).

  177. "SHA2 and Windows – Windows PKI blog – Site Home – TechNet Blogs". 2010-09-30. Archived from the original on 2014-07-16. Retrieved 2014-07-29. https://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

  178. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  179. "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. Retrieved 2013-10-29. https://msdn.microsoft.com/en-us/library/bb250503.aspx

  180. "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. Retrieved 2013-10-29. https://msdn.microsoft.com/en-us/library/bb250503.aspx

  181. MS13-095 or MS14-049 for Windows Server 2003, Windows XP x64 and Windows XP SP3 (32-bit).

  182. "SHA2 and Windows – Windows PKI blog – Site Home – TechNet Blogs". 2010-09-30. Archived from the original on 2014-07-16. Retrieved 2014-07-29. https://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

  183. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  184. Windows XP as well as Server 2003 and older support only weak ciphers like Triple DES and RC4 out of the box.[58] The weak ciphers of these Schannel version are not only used for IE, but also for other Microsoft products running on this OS, like Microsoft Office or Windows Update. Only Windows Server 2003 can get a manual update to support AES ciphers by KB948963[59] /wiki/Triple_DES

  185. MS13-095 or MS14-049 for Windows Server 2003, Windows XP x64 and Windows XP SP3 (32-bit).

  186. "SHA2 and Windows – Windows PKI blog – Site Home – TechNet Blogs". 2010-09-30. Archived from the original on 2014-07-16. Retrieved 2014-07-29. https://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

  187. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  188. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  189. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  190. "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. Retrieved 2013-10-29. https://msdn.microsoft.com/en-us/library/bb250503.aspx

  191. "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. Retrieved 2013-10-29. https://msdn.microsoft.com/en-us/library/bb250503.aspx

  192. MS13-095 or MS14-049 for Windows Server 2003, Windows XP x64 and Windows XP SP3 (32-bit).

  193. "SHA2 and Windows – Windows PKI blog – Site Home – TechNet Blogs". 2010-09-30. Archived from the original on 2014-07-16. Retrieved 2014-07-29. https://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

  194. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  195. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  196. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  197. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  198. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  199. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  200. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  201. "Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009". Retrieved 2017-07-19. https://support.microsoft.com/kb/4019276

  202. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  203. "Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009". Retrieved 2017-07-19. https://support.microsoft.com/kb/4019276

  204. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  205. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  206. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  207. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  208. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  209. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  210. "Windows 7 adds support for TLSv1.1 and TLSv1.2 – IEInternals – Site Home – MSDN Blogs". Archived from the original on 2013-12-26. Retrieved 2013-10-29. https://blogs.msdn.com/b/ieinternals/archive/2009/06/19/windows-7-support-for-tls-and-ciphers.aspx

  211. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  212. "Windows 7 adds support for TLSv1.1 and TLSv1.2 – IEInternals – Site Home – MSDN Blogs". Archived from the original on 2013-12-26. Retrieved 2013-10-29. https://blogs.msdn.com/b/ieinternals/archive/2009/06/19/windows-7-support-for-tls-and-ciphers.aspx

  213. Thomlinson, Matt (2014-11-11). "Hundreds of Millions of Microsoft Customers Now Benefit from Best-in-Class Encryption". Microsoft Security. Archived from the original on 2014-11-14. Retrieved 2014-11-14. https://blogs.microsoft.com/cybertrust/2014/11/11/hundreds-of-millions-of-microsoft-customers-now-benefit-from-best-in-class-encryption

  214. RC4 can be disabled except as a fallback (Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback).[66]

  215. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  216. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  217. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  218. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  219. IE11 will continue to support these operating systems if they are with ESUs until at least October 13, 2026.

  220. "Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard". Microsoft Support. 2019-04-16. https://support.microsoft.com/en-us/help/4492872/update-for-internet-explorer-april-16-2019

  221. "Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard". Microsoft Support. 2019-04-16. https://support.microsoft.com/en-us/help/4492872/update-for-internet-explorer-april-16-2019

  222. Fallback to SSL 3.0 is sites blocked by default in Internet Explorer 11 for Protected Mode.[68][69] SSL 3.0 is disabled by default in Internet Explorer 11 since April 2015.[70]

  223. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  224. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  225. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  226. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  227. Microsoft (2013-09-24). "IE11 Changes". Archived from the original on 2013-10-30. Retrieved 2013-11-01. https://blogs.msdn.com/b/ieinternals/archive/2013/09/24/internet-explorer-11-changelist-change-log.aspx

  228. Fallback to SSL 3.0 is sites blocked by default in Internet Explorer 11 for Protected Mode.[68][69] SSL 3.0 is disabled by default in Internet Explorer 11 since April 2015.[70]

  229. All RC4 cipher suites are disabled by default.

  230. MSRC (2015-03-10). Vulnerability in Schannel Could Allow Security Feature Bypass (3046049). Security Bulletins (Technical report). MS15-031. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  231. MSRC (2015-05-12). Vulnerability in Schannel Could Allow Information Disclosure (3061518). Security Bulletins (Technical report). MS15-055. Retrieved 2021-10-24 – via Microsoft Docs. /wiki/Microsoft_Security_Response_Center

  232. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  233. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  234. "Protocols in TLS/SSL (Schannel SSP) - Win32 apps". learn.microsoft.com. Retrieved 2022-02-20. https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

  235. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  236. All RC4 cipher suites are disabled by default.

  237. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  238. "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". Microsoft. 2017-03-21. Archived from the original on 2017-03-30. Retrieved 2017-03-29. https://web.archive.org/web/20170330011044/https://technet.microsoft.com/en-us/windows-server-docs/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server-2016

  239. All RC4 cipher suites are disabled by default.

  240. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  241. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  242. IE11 ran out of support for GAC (formerly CB and SAC) editions of Windows 10 since June 15, 2022.[75][76]

  243. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  244. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  245. All RC4 cipher suites are disabled by default.

  246. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  247. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  248. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  249. "Protocols in TLS/SSL (Schannel SSP) - Win32 apps". learn.microsoft.com. Retrieved 2022-02-20. https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

  250. All RC4 cipher suites are disabled by default.

  251. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  252. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  253. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  254. All RC4 cipher suites are disabled by default.

  255. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  256. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  257. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  258. All RC4 cipher suites are disabled by default.

  259. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  260. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  261. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  262. All RC4 cipher suites are disabled by default.

  263. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  264. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  265. "Protocols in TLS/SSL (Schannel SSP) - Win32 apps". learn.microsoft.com. Retrieved 2022-02-20. https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

  266. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  267. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  268. DTLS protocol counterpart version, however, is not supported.[63] /wiki/DTLS

  269. All RC4 cipher suites are disabled by default.

  270. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  271. "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". Microsoft. 2017-03-21. Archived from the original on 2017-03-30. Retrieved 2017-03-29. https://web.archive.org/web/20170330011044/https://technet.microsoft.com/en-us/windows-server-docs/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server-2016

  272. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  273. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  274. All RC4 cipher suites are disabled by default.

  275. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  276. "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". Microsoft. 2017-03-21. Archived from the original on 2017-03-30. Retrieved 2017-03-29. https://web.archive.org/web/20170330011044/https://technet.microsoft.com/en-us/windows-server-docs/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server-2016

  277. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  278. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  279. All RC4 cipher suites are disabled by default.

  280. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  281. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  282. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  283. All RC4 cipher suites are disabled by default.

  284. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  285. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  286. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  287. "Protocols in TLS/SSL (Schannel SSP) - Win32 apps". learn.microsoft.com. Retrieved 2022-02-20. https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

  288. All RC4 cipher suites are disabled by default.

  289. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  290. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  291. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  292. All RC4 cipher suites are disabled by default.

  293. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  294. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  295. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  296. All RC4 cipher suites are disabled by default.

  297. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  298. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  299. TLS 1.0 and 1.1 are disabled by default in Internet Explorer 11 and EdgeHTML since September 2022.[71][72]

  300. All RC4 cipher suites are disabled by default.

  301. Configure enabling/disabling of each protocols via setting/option (menu name is dependent on browsers).

  302. IE uses the TLS implementation of the Microsoft Windows operating system provided by the Schannel security support provider. TLS 1.1 and 1.2 are disabled by default until IE11.[53][54] /wiki/Schannel

  303. "HTTPS Security Improvements in Internet Explorer 7". Archived from the original on 2013-10-10. Retrieved 2013-10-29. https://msdn.microsoft.com/en-us/library/bb250503.aspx

  304. "What browsers work with Universal SSL". Archived from the original on 2016-03-04. Retrieved 2015-06-15. https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL

  305. Could be disabled via registry editing but need 3rd Party tools to do this.[78]

  306. "What TLS version is used in Windows Phone 8 for secure HTTP connections?". Microsoft. Archived from the original on 2016-03-04. Retrieved 2014-11-07. https://social.msdn.microsoft.com/Forums/windowsapps/en-US/2ddee177-5086-4453-987b-d02b6a7ec62d/what-tls-version-is-used-in-windows-phone-8-for-secure-http-connections?forum=wpdevelop

  307. "What TLS version is used in Windows Phone 8 for secure HTTP connections?". Microsoft. Archived from the original on 2016-03-04. Retrieved 2014-11-07. https://social.msdn.microsoft.com/Forums/windowsapps/en-US/2ddee177-5086-4453-987b-d02b6a7ec62d/what-tls-version-is-used-in-windows-phone-8-for-secure-http-connections?forum=wpdevelop

  308. "Qualys SSL Labs – Projects/User Agent Capabilities: Unknown". Archived from the original on 2017-03-01. https://www.ssllabs.com/ssltest/viewClient.html?name=IE%20Mobile&version=10&platform=Win%20Phone%208.0

  309. Could be disabled via registry editing but need 3rd Party tools to do this.[78]

  310. "Platform Security". TechNet. Microsoft Docs. 2014-06-25. Retrieved 2021-10-24. https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-phone/dn756283(v=technet.10)

  311. "Platform Security". TechNet. Microsoft Docs. 2014-06-25. Retrieved 2021-10-24. https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-phone/dn756283(v=technet.10)

  312. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  313. "Release Notes: Important Issues in Windows 8.1 Preview". TechNet. Microsoft Docs. 2013-06-24. Retrieved 2021-10-24. https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/dn303404(v=ws.11)

  314. "W8.1(IE11) vs RC4". Qualys Community. Archived from the original on 2014-11-04. Retrieved 2014-11-04. https://community.qualys.com/thread/12092

  315. Could be disabled via registry editing but need 3rd Party tools to do this.[78]

  316. Edge (formerly known as Project Spartan) is based on a fork of the Internet Explorer 11 rendering engine.

  317. All RC4 cipher suites are disabled by default.

  318. "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". Microsoft. 2017-03-21. Archived from the original on 2017-03-30. Retrieved 2017-03-29. https://web.archive.org/web/20170330011044/https://technet.microsoft.com/en-us/windows-server-docs/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server-2016

  319. All RC4 cipher suites are disabled by default.

  320. Safari uses the operating system implementation on Mac OS X, Windows (XP, Vista, 7)[84] with unknown version,[85] Safari 5 is the last version available for Windows. OS X 10.8 on have SecureTransport support for TLS 1.1 and 1.2[86] Qualys SSL report simulates Safari 5.1.9 connecting with TLS 1.0 not 1.1 or 1.2.[87]

  321. "Apple Secures Mac OS X with Mavericks Release". eSecurity Planet. 2013-10-25. Archived from the original on 2014-07-08. Retrieved 2014-06-23. http://www.esecurityplanet.com/mac-os-security/apple-secures-mac-os-x-with-mavericks-release.html

  322. "What browsers work with Universal SSL". Archived from the original on 2016-03-04. Retrieved 2015-06-15. https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL

  323. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  324. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  325. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  326. In September 2013, Apple implemented BEAST mitigation in OS X 10.8 (Mountain Lion), but it was not turned on by default, resulting in Safari still being theoretically vulnerable to the BEAST attack on that platform.[89][90] BEAST mitigation has been enabled by default from OS X 10.8.5 updated in February 2014.[91]

  327. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  328. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  329. "About Security Update 2015-002". Apple Support knowledge base article. Apple. Archived from the original on 2015-03-16. Retrieved 2015-03-09. https://support.apple.com/en-us/HT204413

  330. "About the security content of OS X Mavericks v10.9". Archived from the original on 2014-07-04. Retrieved 2014-06-20. http://support.apple.com/kb/HT6011

  331. "About the security content of OS X Mavericks v10.9". Archived from the original on 2014-07-04. Retrieved 2014-06-20. http://support.apple.com/kb/HT6011

  332. Ristić, Ivan (2013-10-31). "Apple enabled BEAST mitigations in OS X 10.9 Mavericks". Archived from the original on 2013-11-07. Retrieved 2013-11-07. http://blog.ivanristic.com/2013/10/apple-enabled-beast-mitigations-in-mavericks.html

  333. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  334. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  335. "About Security Update 2015-002". Apple Support knowledge base article. Apple. Archived from the original on 2015-03-16. Retrieved 2015-03-09. https://support.apple.com/en-us/HT204413

  336. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  337. "User Agent Capabilities: Safari 8/OS X 10.10". Qualys SSL Labs. Archived from the original on 2015-09-06. Retrieved 2015-03-07. https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=8&platform=OS%20X%2010.10

  338. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  339. "About Security Update 2015-002". Apple Support knowledge base article. Apple. Archived from the original on 2015-03-16. Retrieved 2015-03-09. https://support.apple.com/en-us/HT204413

  340. "About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005". Archived from the original on 2015-07-02. Retrieved 2015-07-03. https://support.apple.com/en-us/HT204942

  341. Pauly, Tommy (2019-01-29). "TLS 1.3 in iOS". [email protected] (Mailing list). https://mailarchive.ietf.org/arch/msg/tls/5QjzTilqjomSyzENtgfaAqQOhbA

  342. All RC4 cipher suites are disabled by default.

  343. All RC4 cipher suites are disabled by default.

  344. All RC4 cipher suites are disabled by default.

  345. All RC4 cipher suites are disabled by default.

  346. All RC4 cipher suites are disabled by default.

  347. All RC4 cipher suites are disabled by default.

  348. Mobile Safari and third-party software utilizing the system UIWebView library use the iOS operating system implementation, which supports TLS 1.2 as of iOS 5.0.[99][100][101] /wiki/IOS

  349. "Secure Transport Reference". Archived from the original on 2014-06-04. Retrieved 2014-06-23.kSSLProtocol2 is deprecated in iOS https://developer.apple.com/library/mac/documentation/security/Reference/secureTransportRef/Reference/reference.html#//apple_ref/c/tdef/SSLProtocol

  350. "iPhone 3.0: Mobile Safari Gets Enhanced Security Certificate Visualization". The iPhone Blog. 2009-03-31. Archived from the original on 2009-04-03. https://web.archive.org/web/20090403074546/http://www.theiphoneblog.com/2009/03/31/iphone-30-mobile-safari-enhanced-security-certificate-visualization

  351. "What browsers work with Universal SSL". Archived from the original on 2016-03-04. Retrieved 2015-06-15. https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL

  352. "Technical Note TN2287 – iOS 5 and TLS 1.2 Interoperability Issues". Apple. 2011-10-14. Archived from the original on 2011-09-07. Retrieved 2012-12-10. https://developer.apple.com/library/ios/#technotes/tn2287/_index.html

  353. "Technical Note TN2287 – iOS 5 and TLS 1.2 Interoperability Issues". Apple. 2011-10-14. Archived from the original on 2011-09-07. Retrieved 2012-12-10. https://developer.apple.com/library/ios/#technotes/tn2287/_index.html

  354. "Projects/User Agent Capabilities: Safari 7/iOS 7.1". Qualys SSL Labs. Archived from the original on 2017-03-13. https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=7&platform=iOS%207.1

  355. "SOAP Request fails randomly on one Server but works on another on iOS7". Stack Overflow. 2013-10-11. Retrieved 2014-01-05. https://stackoverflow.com/q/19221568

  356. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  357. "User Agent Capabilities: Safari 8/iOS 8.1.2". Qualys SSL Labs. Archived from the original on 2016-03-04. Retrieved 2015-03-07. https://www.ssllabs.com/ssltest/viewClient.html?name=Safari&version=8&platform=iOS%208.1.2

  358. Because Apple removed support for all CBC protocols in SSL 3.0 to mitigate POODLE,[92][93] this leaves only RC4, which is also completely broken by the RC4 attacks in SSL 3.0.

  359. "About the security content of iOS 8.2". Apple Support knowledge base article. Apple. Archived from the original on 2015-03-09. Retrieved 2015-03-09. https://support.apple.com/en-us/HT204423

  360. "About the security content of iOS 8.4". Archived from the original on 2015-07-03. Retrieved 2015-07-03. https://support.apple.com/en-us/HT204941

  361. All RC4 cipher suites are disabled by default.

  362. Pauly, Tommy (2019-01-29). "TLS 1.3 in iOS". [email protected] (Mailing list). https://mailarchive.ietf.org/arch/msg/tls/5QjzTilqjomSyzENtgfaAqQOhbA

  363. All RC4 cipher suites are disabled by default.

  364. All RC4 cipher suites are disabled by default.

  365. All RC4 cipher suites are disabled by default.

  366. All RC4 cipher suites are disabled by default.

  367. All RC4 cipher suites are disabled by default.

  368. Whether EV SSL and DV SSL (normal SSL) can be distinguished by indicators (green lock icon, green address bar, etc.) or not.

  369. e.g. 1/n-1 record splitting.

  370. e.g. Disabling header compression in HTTPS/SPDY. /wiki/HTTPS

  371. Complete mitigations; disabling SSL 3.0 itself, "anti-POODLE record splitting". "Anti-POODLE record splitting" is effective only with client-side implementation and valid according to the SSL 3.0 specification, however, it may also cause compatibility issues due to problems in server-side implementations. Partial mitigations; disabling fallback to SSL 3.0, TLS_FALLBACK_SCSV, disabling cipher suites with CBC mode of operation. If the server also supports TLS_FALLBACK_SCSV, the POODLE attack will fail against this combination of server and browser, but connections where the server does not support TLS_FALLBACK_SCSV and does support SSL 3.0 will still be vulnerable. If disabling cipher suites with CBC mode of operation in SSL 3.0, only cipher suites with RC4 are available, RC4 attacks become easier. When disabling SSL 3.0 manually, POODLE attack will fail. /wiki/Block_cipher_mode_of_operation#Cipher-block_chaining_(CBC)

  372. Complete mitigation; disabling cipher suites with RC4. Partial mitigations to keeping compatibility with old systems; setting the priority of RC4 to lower.

  373. "Tracking the FREAK Attack". Archived from the original on 2015-03-06. Retrieved 2015-03-08. https://freakattack.com

  374. "FREAK: Factoring RSA Export Keys". Archived from the original on 2015-03-11. Retrieved 2015-03-08. https://www.smacktls.com/#freak

  375. "SSLSocket|Android Developers". Archived from the original on 2015-03-18. Retrieved 2015-03-11. https://developer.android.com/reference/javax/net/ssl/SSLSocket.html

  376. "SHA-256 Compatibility". Archived from the original on 2015-07-01. Retrieved 2015-06-12. https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

  377. "What browsers work with Universal SSL". Archived from the original on 2016-03-04. Retrieved 2015-06-15. https://support.cloudflare.com/hc/en-us/articles/203041594-What-browsers-work-with-Universal-SSL

  378. "ECC Compatibility". Archived from the original on 2016-02-17. Retrieved 2015-06-13. https://support.globalsign.com/customer/portal/articles/1995283-ecc-compatibility

  379. "SSLSocket|Android Developers". Archived from the original on 2016-03-04. Retrieved 2015-12-17. https://developer.android.com/reference/javax/net/ssl/SSLSocket.html

  380. "SSLSocket|Android Developers". Archived from the original on 2016-03-04. Retrieved 2015-12-17. https://developer.android.com/reference/javax/net/ssl/SSLSocket.html

  381. "SSLSocket|Android Developers". Archived from the original on 2016-03-04. Retrieved 2015-12-17. https://developer.android.com/reference/javax/net/ssl/SSLSocket.html

  382. "Android 5.0 Behavior Changes|Android Developers". Archived from the original on 2015-03-09. Retrieved 2015-03-11. https://developer.android.com/about/versions/android-5.0-changes.html#ssl

  383. "SSLSocket|Android Developers". Archived from the original on 2016-03-04. Retrieved 2015-12-17. https://developer.android.com/reference/javax/net/ssl/SSLSocket.html

  384. "Android 5.0 Behavior Changes|Android Developers". Archived from the original on 2015-03-09. Retrieved 2015-03-11. https://developer.android.com/about/versions/android-5.0-changes.html#ssl

  385. Only when no cipher suites with other than RC4 is available, cipher suites with RC4 will be used as a fallback.

  386. "Android 8.0 Behavior Changes". Archived from the original on 2017-12-01. https://developer.android.com/about/versions/oreo/android-8.0-changes.html