Why it is important to update our browser before the end of June
Two of the oldest and most insecure protocols on the web die on June 30 , and it is time for all of us to update our browser if for some reason we are using an older version.
One of them is an old version of TLS ( Tansport Layer Security protocol ), the cryptographic protocol that we mostly use on the Internet . For example, when we send information from our credit cards to make purchases online, then we send an email, or simply our credentials to authenticate, then TLS protocol is used.
TLS 1.0 / 1.1 and HTTP 1.0 have an extra full year of grace, originally they were supposed to have died in June 2016, but it was extended to give time to organizations and products that have always been dragged when it comes to update.
TLS 1.0 is almost 20 years old, many of us still use this version even though it is the 1.2 that was recommended a decade ago.
The first version of TLS was defined in 1999, it is almost 20 years old and it continues to be used despite the fact that we are in version 1.2, one that has been recommended since 2008, yes, for a decade .
E-commerce
E-commerce sites have until June 30 to update, and users who do not have a browser a day (most of the current versions of the most popular browsers comply) will not be able to access online shopping sites that they have updated to TLS 1.2 .
Older versions of TLS are highly insecure and put at risk to users and organizations that continue to use them. Exploits like the famous Heartbleed , were caused by a bug in OpenSSL 1.0.1, an implementation of TLS. Old versions of TLS and SSL can be victims of exploits such as POODLE , BEAST and Shellshock .
Companies like PayPal have notified vendors that they have support for TLS 1.2 and HTTP / 1.1 until June 30 and that insecure connections will be broken after that day. If you want to know the compatibility of different browsers with all versions of TLS you can review this list of Salesforce .