This is somewhat more aggressive than our plans for HTTPS. The usage rate is significantly higher (that's about 3x) and we don't have DTLS 1.3 yet, though the spec is now close to publication.
On balance, this is still justifiable given the nature of this feature. On Fri, Nov 8, 2019 at 5:29 PM Nils Ohlmeier <nohlme...@mozilla.com> wrote: > With the intent to unship TLS 1.0 and 1.1 > https://groups.google.com/forum/#!topic/mozilla.dev.platform/8EFRYDR3N1c < > https://groups.google.com/forum/#!topic/mozilla.dev.platform/8EFRYDR3N1c> > we don’t want to leave Firefox users left with the old DTLS 1.0 when using > WebRTC. > > The latest draft on WebRTC security architecture (which soon going to be > published as an RFC) requires all implementations to support DTLS 1.2 > https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-20#section-6.5 > < > https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-20#section-6.5 > > > > In Firefox 71 we landed user prefs which enables developers to test their > WebRTC services with DTLS 1.2 only. > > Chrome has announced to also turn off DTLS 1.0 for WebRTC in M81 > https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!topicsearchin/discuss-webrtc/dtls;context-place=searchin/discuss-webrtc/PSA$3A/discuss-webrtc/Dsq_14_WoUk > < > https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!topicsearchin/discuss-webrtc/dtls;context-place=searchin/discuss-webrtc/PSA$3A/discuss-webrtc/Dsq_14_WoUk > > > > Last time when we measured DTLS 1.0 usage was 1.88% in Firefox 68 Beta > https://telemetry.mozilla.org/new-pipeline/dist.html#!cumulative=0&end_date=2019-06-18&include_spill=0&keys=__none__!__none__!__none__&max_channel_version=beta%252F67&measure=WEBRTC_DTLS_PROTOCOL_VERSION&min_channel_version=null&processType=*&product=Firefox&sanitize=0&sort_by_value=0&sort_keys=submissions&start_date=2019-03-10&table=0&trim=0&use_submission_date=0 > < > https://telemetry.mozilla.org/new-pipeline/dist.html#!cumulative=0&end_date=2019-06-18&include_spill=0&keys=__none__!__none__!__none__&max_channel_version=beta%2F67&measure=WEBRTC_DTLS_PROTOCOL_VERSION&min_channel_version=null&processType=*&product=Firefox&sanitize=0&sort_by_value=0&sort_keys=submissions&start_date=2019-03-10&table=0&trim=0&use_submission_date=0 > > > > We want to disable DTLS 1.0 in WebRTC together with TLS 1.0 and 1.1 in > March 2020. > > Disabling DTLS 1.0 is tracked at > https://bugzilla.mozilla.org/show_bug.cgi?id=1506392 < > https://bugzilla.mozilla.org/show_bug.cgi?id=1506392> > > Best > Nils Ohlmeier > > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
