[zdw]

Why not go further?

I'd be all for very disturbing warnings for any version of TLS before 1.2, and somewhat scary warnings for low-security or non-PFS operational modes.

Basically, enough so that in a big company corporate would ring up the IT department to "fix the ssl site for giving an error", but not enough so that everyone clicks through the "ignorable warning".

[tptacek]

It wouldn't work. Users would see "very disturbing warnings" so often that the warnings would quickly stop disturbing them. Everyone --- everyone --- would blame the browsers, the way 3/4 of HN blamed Firefox when they enabled the fascist warning for self-signed certs (incidentally: a much more severe security problem than POODLE!).

If you want to think about "further", you want to suggest that Chromium disable support for TLS 1.1 and below. Nobody can ignore sites that break because they don't use the most secure variant of TLS. But that's obviously not going to happen.

[yuhong]

Yea, it would be likely a couple of years at least before we can disable TLS 1.0.

[justcommenting]

this is true, but if opera, firefox, chrome, and internet explorer all agreed to deprecate TLS 1.1 and below together (or at least implement scary warnings), i wonder if sites might respond differently.

it's an ecosystem problem, but also a collective action problem.