New version of Chrome 72 released: TLS 1.0 and TLS 1.1 are deprecated, HPKP support has been removed

Chrome 72 has been released, the main changes of which are directed to the basic Web API and browser protocols.

The most important change is the complete removal of HPKP (HTTP-Based Public Key Pinning) support. We already wrote earlier that Google planned to abandon HPKP. The standard was deprecated in Chrome 65, which was released in March 2018.

Website owners that use HPKP recommended refusing to support this standard.

Another important change - Chrome will no longer handle resources uploaded via FTP. Now Chrome will ask to download the file instead of processing and launching it.

The third important change is the recognition of TLS 1.0 and TLS 1.1 standards as obsolete. Full refusal to support these two standards will be made in Chrome 81, the release of which is scheduled for 2020.

Chrome will now display an error in the developer console when the user requests access to the HTTPS site using outdated TLS 1.0 / 1.1 certificates. At the same time access to the site will not be blocked. The block will happen in the version of Chrome 81.

Among other things, the developers also fixed 58 different security bugs in Chrome 72.

Subscribe to our updates to keep abreast of developments in the world of SSL and online security!