TLS has a version negotiation mechanism to securely introduce new versions without breaking compatibility. Yet buggy servers implemented this wrong in the past, so browsers were forced to add (non-standard) insecure fallbacks to work around this. Unlike TLS's actual version negotiation, the fallback is insecure. Network attackers can downgrade to weaker versions, despite both client and server supporting newer, more secure versions. Note that this does *not* remove TLS 1.0 and TLS 1.1.
Status in Chromium
Removed
(tracking bug)
Consensus & Standardization
After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.
- Shipped/Shipping
- No signal
- No signal
- No signals
Owner
Search tags
ssl, tls, fallback,Last updated on 2020-11-09