6 Appendix A: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.

The terms "earlier" and "later", when used with a product version, refer to either all preceding versions or all subsequent versions, respectively. The term "through" refers to the inclusive range of versions. Applicable Microsoft products are listed chronologically in this section.

  • Windows XP operating system

  • Windows Server 2003 operating system

  • Windows Vista operating system

  • Windows Server 2008 operating system

  • Windows 7 operating system

  • Windows Server 2008 R2 operating system

  • Windows 8 operating system

  • Windows Server 2012 operating system

  • Windows 8.1 operating system

  • Windows Server 2012 R2 operating system

  • Windows 10 operating system

  • Windows Server 2016 operating system

  • Windows Server operating system

  • Windows Server 2019 operating system

  • Windows Server 2022 operating system

  • Windows 11 operating system

  • Windows Server 2025 operating system

Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.

<1> Section 1: Specification support is listed in the following table. For TLS/SSL version support tables, see [MSDOCS-TLS/SSLTables]. For more information on support, see Elliptical Curve changes [MSDOCS-TLS-EC-Changes], Elliptic Curves [MSDOCS-TLS-EllipticCurves], and Cipher Suites [MSDOCS-TLS/SSL-CipherSuites].

Table columns: Features; Protocols; Extensions; Elliptic Curves and Cipher Suites; Supported by.

TLS 1.3

  • Protocols: [RFC8446]
  • Supported by: Windows 11 client and later; Windows Server 2022 and later
  • 0-RTT resumption mode is not supported (section 2.3)
  • Only psk_dhe_ke key exchange mode is supported (section 4.2.9)

Elliptic Curves and Pre-Shared Keys for TLS

  • Elliptic Curves and Cipher Suites: [RFC7748] (Curve25519 only); [RFC5487]
  • Supported by: Windows 10 v1607 operating system and later; Windows Server 2016 and later

TLS Extension for Token Binding Protocol Negotiation

  • Extensions: [RFC8472]
  • Supported by: Windows 10 v1507 operating system and later; Windows Server 2016 and later
  • Applies to TLS 1.0, TLS 1.1, and TLS 1.2

TLS Session Resumption without Server-Side State

  • Extensions: [RFC5077]
  • Supported by: Windows 8.1 and later; Windows Server 2012 R2 and later
  • Applies to TLS 1.0, TLS 1.1, and TLS 1.2

TLS 1.2

  • Protocols: [RFC5246]
  • Extensions: [RFC7301] [RFC4366]
  • Elliptic Curves and Cipher Suites: [RFC5289]
  • Supported by: Windows 8 and later; Windows Server 2012 and later; Windows Server 2008 operating system with Service Pack 2 (SP2); see [KB4019276]. To enable support for TLS 1.1 and TLS 1.2, see [MSDOCS-EnableTLS1.1/2].

TLS 1.1

  • Protocols: [RFC4346]

TLS 1.0

  • Protocols: [RFC2246]
  • Extensions: [RFC4681] [RFC3546]
  • Elliptic Curves and Cipher Suites: [RFC4492] [RFC3268]
  • Supported by: Supported on every Windows version; Windows Vista and later; Windows Server 2008 and later

TLS Session Hash and Extended Master Secret Extension

  • Extensions: [RFC7627]
  • Supported by: Supported on every Windows version; Windows Vista and later; Windows Server 2008 with SP2 and later; see [MSDOCS-SB-3081320]
  • Applies to TLS 1.0, TLS 1.1, and TLS 1.2

SSL 3.0

  • Protocols: [SSL3]
  • Supported by: Supported on every Windows version
  • Disabled by default in: Windows 10 v1607 and later; Windows Server 2016 and later

<2> Section 2.2: [RFC5077] is not supported in Windows XP through Windows 7 clients and Windows Server 2003 through Windows Server 2008 R2. Only the client side of [RFC5077] is supported in Windows 8 and Windows Server 2012.

[RFC7301] is not supported by Windows XP through Windows 8 clients and Windows Server 2003 through Windows Server 2012.

<3> Section 2.2.1: DHE_PSK or RSA_PSK Key Exchange Algorithms defined in [RFC5487] are not supported in Windows.

PSK Key Exchange Algorithm or PSK cipher suites in [RFC5487] are not supported in Windows XP through Windows 10 v1511 operating system clients and Windows Server 2003 through Windows Server 2012 R2.

<4> Section 2.2.1: [RFC4492] is not supported in Windows XP and Windows Server 2003. All other applicable Windows releases support [RFC4492], except for not allowing ECDH cipher suites where the number of bits used in the public key algorithm is less than the number of bits used in the signing algorithm.

<5> Section 2.2.1: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension [RFC7627] is not supported in Windows XP through Windows 8.1 clients and Windows Server 2003 through Windows Server 2012 R2.

<6> Section 2.2.1: Windows accepts a unified format ClientHello message even when SSL version 2 is disabled.

<7> Section 2.2.2: Windows decouples the network layer from the TLS/SSL layer and thus cannot ensure that alert messages are sent.

<8> Section 2.2.2: Sending and receiving the Certificate Status Request extension from [RFC4366] and [RFC3546] are not supported by Windows XP and Windows Server 2003.

<9> Section 2.2.3: Sending the Server Name Indications from [RFC4366] and [RFC3546] in the ClientHello is not supported by Windows XP and Windows Server 2003.

Sending and receiving the Server Name Indications is not supported by Windows XP through Windows 7 clients and Windows Server 2003 through Windows Server 2008 R2.

<10> Section 2.2.3: Sending and receiving the User Mapping extension by using UPN domain hint from [RFC4681] is supported by Windows.

<11> Section 2.2.3: [RFC5077] is not supported by Windows XP through Windows 7 clients and Windows Server 2003 through Windows Server 2008 R2. Only the client side of [RFC5077] is supported by Windows 8 and Windows Server 2012.

<12> Section 2.2.3: [RFC7301] is not supported by Windows XP through Windows 8 clients and Windows Server 2003 through Windows Server 2012.

<13> Section 2.2.3: Transport Layer Security (TLS) Extension for Token Binding Protocol Negotiation [RFC8472] is not supported by Windows XP through Windows 10 v1507 clients and Windows Server 2003 through Windows Server 2012 R2 operating system.

<14> Section 2.2.4: Windows does not require that the signing algorithm used by the issuer of a certificate match the algorithm in the end certificate. Windows also does not require specific key usage extension bits to be set in certificates.

<15> Section 2.2.4: Windows omits the root certificate by default when sending certificate chains.

<16> Section 3.1.5: Note the following Windows message processing:

  • If a session fails during bulk data transfer, Windows does not prevent attempted resumption of the session.

  • Only Windows XP and Windows Server 2003 support and process extensions within the Certificate Status Request extension.

  • Windows does not ignore a HelloRequest received, even in the middle of a handshake.

  • Windows Server 2003 does not support fragmentation of incoming messages across frames as is allowed in [RFC5246] section 6.2.1.

<17> Section 3.1.5: [RFC7301] is not supported by Windows XP through Windows 8 clients and Windows Server 2003 through Windows Server 2012.

<18> Section 3.1.5: Windows ignores both unrequested and duplicate extensions in both ClientHello and ServerHello.
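
A passive check for the leniency described in note <18>, as an added example that is not part of the Microsoft specification: it parses the extensions vectors of a ClientHello/ServerHello pair and reports duplicate and unrequested extension types, which a Windows peer ignores rather than rejects. The function names and sample bytes are constructed for illustration, and the renegotiation_info exemption is an assumption taken from RFC 5746.

```python
import struct
from collections import Counter

RENEGOTIATION_INFO = 0xFF01  # may answer the SCSV cipher suite (RFC 5746)

def parse_extensions(block: bytes) -> list:
    """Parse a TLS extensions vector: uint16 total length, then repeated
    (uint16 type, uint16 length, data) entries. Raises ValueError if malformed."""
    if len(block) < 2 or struct.unpack_from("!H", block)[0] != len(block) - 2:
        raise ValueError("length prefix does not match extensions block")
    entries, pos = [], 2
    while pos < len(block):
        if pos + 4 > len(block):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", block, pos)
        pos += 4
        if pos + ext_len > len(block):
            raise ValueError("extension data runs past end of block")
        entries.append((ext_type, block[pos:pos + ext_len]))
        pos += ext_len
    return entries

def duplicates(types: list) -> list:
    return sorted(t for t, n in Counter(types).items() if n > 1)

def audit_hello_pair(client_block: bytes, server_block: bytes) -> dict:
    """Report what a strict peer would reject but note <18> says Windows ignores."""
    client = [t for t, _ in parse_extensions(client_block)]
    server = [t for t, _ in parse_extensions(server_block)]
    unrequested = set(server) - set(client) - {RENEGOTIATION_INFO}
    return {"client_duplicates": duplicates(client),
            "server_duplicates": duplicates(server),
            "server_unrequested": sorted(unrequested)}

def ext(ext_type: int, data: bytes = b"") -> bytes:
    return struct.pack("!HH", ext_type, len(data)) + data

def vector(*exts: bytes) -> bytes:
    body = b"".join(exts)
    return struct.pack("!H", len(body)) + body

# Constructed sample (not captured traffic): ALPN (16) offered twice by the
# client; the server answers with a session ticket extension (35) never offered.
ALPN_H2 = b"\x00\x03\x02h2"
CLIENT = vector(ext(16, ALPN_H2), ext(23), ext(16, ALPN_H2))
SERVER = vector(ext(16, ALPN_H2), ext(35), ext(RENEGOTIATION_INFO, b"\x00"))

if __name__ == "__main__":
    print(audit_hello_pair(CLIENT, SERVER))
```

Feed it the extensions blocks extracted from a decrypted or cleartext handshake capture; a non-empty result marks a peer whose hello a strict implementation would have aborted on.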