This removal has been delayed in Stable until Chrome 84. TLS 1.0 and 1.1 were deprecated in Chrome 72 with a planned removal in Chrome 81 (in early 2020). Other browsers are also removing support for TLS 1.0 and 1.1 at this time. Previously, we showed a deprecation warning in DevTools. In M-79, Chrome marked affected sites as "Not Secure". In M-84, Chrome will show a full page interstitial warning on sites that do not support TLS 1.2 or higher.

Motivation

TLS 1.2 was published ten years ago to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then. These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.

Status in Chromium


Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Comments

The existing enterprise policy SSLVersionMin can be used to override the security indicator downgrade (Chrome 79+) and interstitial warning (Chrome 84+) until May 2021.

Last updated on 2021-05-06