Firefox Moving On From SSL 2.0

Juha-Matti Laurio writes "Plans are afoot to remove support for SSL version 2.0 in Mozilla Firefox, reports MozillaZine portal. Mozilla Foundation is eager to disable support for SSL 2.0 and have all Firefox installations use only the newer and more secure SSL 3.0 and TLS 1.0 protocols." From the post: "Netscape Communications Corporation introduced SSL 2.0 with the launch of Netscape Navigator 1.0 in 1994. Netscape Navigator 2.0 included support for SSL 3.0 when it was released in 1996. The specification for TLS 1.0, essentially a standardized version of SSL 3.0 with some differences, was published in 1999."

Re:Good

[AKAImBatman]

Ooo! You're right! We better tell people to stop using RSA and HTTP immediately!

Be careful about such sweeping statements, please. They're more often wrong that right. And I know of quite a few people who are happy that RSA is finally out of patent protection. :-)

Re:Good

[ergo98]

If this technology is 11 years old, then I don't think anyone would like to use it today. Especially if it's encryption standard.

RSA was designed in 1977.

Age means absolutely nothing (for any technology), and instead any calls for replacement need to detail exactly what the weaknesses are and how they've been resolved in newer variants.

Re:Online banking

[Iriel]

Then again, there are some people that still work on standards older than dirt. I work for a company whose site still gets hits from people browsing with Netscape 3.0 Gold.

Sometimes, I think one thing that holds Mozilla/Firefox back from wider adoption is the fact that many people are lazy enough to make a site only work in IE, and Firefox would break someone's favorite page as a result. It's the very standards we strive for that leave the masses lagging. I don't know what companies still use SSL2.0 for anything, but I don't doubt the existence of enough to make a developer cringe.