Eagle-eyed Firefox users and administrators may have noticed that Mozilla dropped a new system add-on on systems running the stable version of Firefox recently.
First spotted by Bleeping Computer creator Lawrence Abrams, the add-on's only purpose is to enable support for TLS 1.3, the next major Transport Layer Security protocol version.
TLS 1.3 is considered to be faster and more secure than previous versions of the protocol. The new protocol version was finalized on March 21, 2018 and it needs to be supported by web browsers and Internet services.
Firefox users who run beta or nightly versions of the web browser may know that TLS 1.3 is enabled in those versions already.
Tip: you can manage TLS 1.3 manually in Firefox (and Chrome).
Mozilla rolls out the system add-on gradually to the Firefox Stable release channel population. The organizations started with 10% of the population and monitored the effect closely.
The current level of distribution reached 50% of the entire population.
Check if TLS 1.3 is enabled
While you can check for the existence of the system add-on on about:support as it is listed under Firefox Features on the page, you may also do the following to verify the maximum TLS version in Firefox:
The preference security.tls.version.max determines the highest TLS protocol level that Firefox supports actively. If it is set to 3, TLS 1.2 is support. The system add-on raises the value to 4 which in turn adds support for TLS 1.3 to the web browser.
Tip: you can raise the level manually right away if it is set to 3. Just double-click on the preference and change the value to 4 to add support for TLS 1.3 to Firefox right away.
You can run a check for supported protocols and security features on SSLLabs. You should notice that TLS 1.3 is supported by the browser if the security.tls.version.max preference is set to 4.
Google Chrome Stable supports TLS 1.3 by default as well already. Mozilla's rollout will reach the entire Firefox Stable population eventually so that all versions of Firefox that are supported by the organization support the new protocol version.
Interested users can follow the rollout on Bugzilla.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.