Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


apreese16

IE 8 in 2018?

Recommended Posts

Thanks everyone! I dont have access to my computer right now but tomorrow i will make sure to look into your suggestions. 

Share this post


Link to post
Share on other sites

when I try to delete the registry entry, it gives an error saying "cannot delete PosReady: Error while deleting key" HELP!

Share this post


Link to post
Share on other sites

If you had read the thread here you'd know that already and also how to solve it. But you really don't need to remove the POSReady hack. What you need is to follow the help you've already been given.

Share this post


Link to post
Share on other sites

Yeah you don't need to delete it,  but if you wanted to delete it, you can only delete it, with offline registry modification.  It's advanced, in that I think the average user cannot do this but I don't think it is hard to load a registry hive into another OS like by using winpe boot cd or somthing editing it and unloading it. 

 

you don't need to do this you just need to read the help people already gave you.

Share this post


Link to post
Share on other sites

UPDATE: OK, so the updates finally loaded, (after 45 minutes that is, I let it keep loading while watching the super bowl) Updates are now installing, after restart Ill let you all know if I can get tls 1.1 and 1.2 to work. And yes I read through and took the advice given to me by everyone, I just was trying to delete it because I wasn't sure if it would cause other problems with my computer. I wouldn't ignore peoples advice, and that advice was super helpful. Thanks everyone! another update soon.

Share this post


Link to post
Share on other sites

Some interesting articles people here should read:

https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites

https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/

https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx

for XP:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512(v=vs.85).aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/aa380124(v=vs.85).aspx

(though SSL2/3 should be disabled due to deprecation/vulnerabilities...)

In addition to ECC & SNI missing in XP, that others have already mentioned in this thread, recent cipher suites used in TLS 1.1+ are also missing... :(

On 5/2/2018 at 3:48 PM, Sampei.Nihira said:

Can you open the website below?

https://www.inail.it/cs/internet/home.html

That site uses TLS 1.2, TLS_RSA_WITH_AES_256_CBC_SHA256 (suite unavailable in XP); it does open fine in Vista's IE9 with the addition of TLS 1.2 support; likewise, the following site

https://mpv.srsfckn.biz/

won't open even in IE9 on Vista, because, in addition to TLS 1.2 and SNI (which IE9 on Vista does support), it requires any of the following missing suites:

TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)

(source: Qualys SSL Labs - SSL Server Test)

On 5/2/2018 at 2:47 PM, apreese16 said:

tls 1.1 and 1.2 working! Wikipedia works! The only things is that they don't show up in "advanced"

OTOH, @dencorso posted here that they do for him:

On 1/2/2018 at 3:41 PM, dencorso said:

I mean, at least the Advanced Settings tick boxes for TLS 1.1 and 1.2 do appear as advertised.

I don't have XP to test, but have you deleted the "OSVersion" subkeys in

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2

?

What would be indeed awesome is for someone to devise a way to add to the system (schannel) missing cipher suites...

Edited by VistaLover
Further clarifications about mpv.srsfckn.biz host

Share this post


Link to post
Share on other sites
9 hours ago, VistaLover said:

Some interesting articles people here should read:

https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites

https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/

https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx

for XP:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512(v=vs.85).aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/aa380124(v=vs.85).aspx

(though SSL2/3 should be disabled due to deprecation/vulnerabilities...)

In addition to ECC & SNI missing in XP, that others have already mentioned in this thread, recent cipher suites used in TLS 1.1+ are also missing... :(

That site uses TLS 1.2, TLS_RSA_WITH_AES_256_CBC_SHA256 (suite unavailable in XP); it does open fine in Vista's IE9 with the addition of TLS 1.2 support; likewise, the following site

https://mpv.srsfckn.biz/

won't open even in IE9 on Vista, because, in addition to TLS 1.2, it requires the following missing suite:

TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

OTOH, @dencorso posted here that they do for him:

I don't have XP to test, but have you deleted the "OSVersion" subkeys in


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2

?

What would be indeed awesome is for someone to devise a way to add to the system (schannel) missing cipher suites...

Nope, both sub keys are there

And thanks for those articles!

Share this post


Link to post
Share on other sites

@apreese16,

1 hour ago, apreese16 said:

Nope, both sub keys are there

Well, in @dencorso's post here, originally posted by @VistaLover here:

Quote

3. After restart, launch the Registry Editor (regedit), preferably as Administrator.

4. Navigate to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1

5. Delete the "OSVersion"="3.6.1.0.0" subkey; BTW, I don't know which WinOS that string refers to (Win6.1=Win7)

6. Navigate to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2

7. Again, delete the "OSVersion"="3.6.1.0.0" subkey. Exit Registry Editor.

That might, or might not, make them show up in "advanced", possibly after another restart.

No offense, but from reading this entire thread, it seems that you need to read and follow instructions more carefully.

Cheers and Regards

  • Like 1

Share this post


Link to post
Share on other sites

@apreese16: Don't! I reckon I've been terser than needed, of late. Sorry! Then again, all is well that ends well! :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×