[Servercert-wg] List of Websites Relying on TLS 1.0 / 1.1
Wayne Thayer
wthayer at mozilla.com
Fri Aug 9 11:51:36 MST 2019
Here is a current list of websites that don't support TLS 1.2 or higher:
https://docs.google.com/spreadsheets/d/1Sx94fDTTo9MhXXorQJXizk2J6rs-Vc65cptaQqMjGwQ/edit?usp=sharing
(also here in CSV format:
https://bugzilla.mozilla.org/attachment.cgi?id=9083874)
It includes the issuing CA and serial number, so should be easy for each CA
to filter.
Thank you to everyone who has or is planning to reach out to your customers
that are on the list.
- Wayne
On Mon, Jul 1, 2019 at 8:54 AM Wayne Thayer <wthayer at mozilla.com> wrote:
> Last year, Mozilla [1], Google [2], Microsoft [3], and Apple [4] all
> announced that our browsers will stop supporting TLS 1.0 and 1.1 in March
> 2020. During the Mozilla browser update at the last two F2F meetings, I
> have asked CAs to help get the word out to their customers about this
> change. CAs have direct relationships with the organizations that operate
> affected websites, and this provides a great opportunity for CAs to engage
> with their customers and help to improve web security.
>
> At the last meeting, I was asked if Mozilla could facilitate this outreach
> by providing a list of websites that do not support TLS 1.2 or higher
> grouped by the CA that issued the website's TLS certificate. This
> information - for websites on the Tranco top 1 million list [5] - is
> located at:
>
>
> https://docs.google.com/spreadsheets/d/1iSEEfc5AuYwT5elAEvkZdLSbwBeJ_SR-0El6s08zNs8/edit#gid=2044764669
>
> Please be aware that this information was collected 1-2 months ago, so I
> recommend that you confirm that the site is still on the following list of
> affected site, which is updated weekly:
>
>
> http://tlscanary-plot-8e95d89854d73f4d.elb.us-west-2.amazonaws.com/tlsdeprecation-carnage.txt
>
> Please let me know if you have any questions, and thanks in advance for
> everyone's help with this!
>
> - Wayne
>
> [1]
> https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/
> [2]
> https://security.googleblog.com/2018/10/modernizing-transport-security.html
> [3]
> https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/
> [4]
> https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/
> [5] https://tranco-list.eu/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190809/0893e90d/attachment.html>
More information about the Servercert-wg
mailing list