Hi all,
Since January 2020, Wikimedia has not served traffic to browsers which do not support TLS 1.2 [0]. We would like to bump basic MediaWiki software stack support to exclude those very old browsers as well.
Our MediaWiki core, extensions and skins basic browser support matrix still includes some end-of-life browsers published between 2007 and 2013 that are only supporting the now insecure ciphers of TLS 1.0 and 1.1. We've gathered stats [1] emphasizing the relatively small access expectations. Now we want to push software stack support to align to those browser versions already in place as minimum in Wikimedia hosted MediaWikis. We're continuing to provide support for browsers published from 2013 on! Note that Internet Explorer 9 and 10 are unaffected by this proposed change as well for the moment. See the specific list on task. [1]
What's to win: A great number of design and layout features (CSS, SVG and WAI-ARIA, see the list [2]) which we currently just exceptionally use in some products or via extra effort, performance impacting hacks and workarounds, and maintenance on the developer side. Current support is slowing down some advances in Desktop Improvements and other front-end work.
What's to lose: Possible layout issues in third party MediaWikis still targeting those end-of-life browers. Content access should be untouched there.
If there are no objections within the next 10 days, we're going to amend the support matrix with aforementioned TLS 1.2 supporting browsers as the minimum. Please let us know about any objections or further inputs, preferably on task.
Thanks and best regards, Volker
[0] - https://phabricator.wikimedia.org/T238038 [1] - https://phabricator.wikimedia.org/T238038 [1] - https://phabricator.wikimedia.org/T266866 [2] - https://phabricator.wikimedia.org/T266866#6591703
--- Volker E. Lead UX Engineer Desktop Improvements/Design System Wikimedia Foundation