ssohrub

in this website : Link deleted https scan is not done by kaspersky (even if you enable it in network settings ) so the root certificate of kaspersky is not used and as expected , the obsolete weak tls 1.0/11 are not enabled

site tested : https://browserleaks.com/tls

site tested : https://browserleaks.com/tls

site tested : https://badssl.com/dashboard/

site tested : https://badssl.com/dashboard/

why did i put the problem here in the forum , because it is not personal everyone can tries and see him/herself the results and the problem is not only about kaspersky but about many vendors here is a 2017 study : deleted site summary "...A 2017 study shows that 5 to 10% of HTTPS connections are established by HTTPS-filtering applications. It is usually done by various kinds of antivirus software. The bad news is that 24 out of 26 tested antiviruses reduced, in various ways, the connection security level, while two-thirds created connections prone to hacking..." i ask what kaspersky has done that prevent this attacks , why tls 1.0/1.1 enables when htpps scan enables and the root certificate of the kaspersky is used by the browser i ask experts of the kaspersky to answer my system tested is : windows 10 22h2 (v19045.3208) , chrome v114.0.5735.199 , kaspersky free v21.13.5.506(a)

only in this site : https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html that kaspersky root certificate is not enabled,both tls 1.0 and 1.1 are disabled so please answer: should an end user enable "scan encrypted connection" option or not , at last why kaspersky "encrypted connection"scan and it's root certificate , enables both obsolete and weak tls 1.0 and 1.1 ?

guys also check this site : https://browserleaks.com/tls both tls 1.0 and 1.1 are enabled when "scan encrypted connection"option under network setting , is enabled and both tls 1.0/1.1 are disabled when"scan encrypted connection"is disabled results

guys i enabled "Scan encrypted connections" under network setting so kaspersky adds it's certificate to websites and scans them but it seems tls 1.0 and tls 1.1 that are now both obsolete and many browsers have disabled them both are enabled it means enabling "encrypted connection scan" under network setting decreases security by enabling connection to both tls 1.0 and tls 1.1 sites check this site https://badssl.com/dashboard/ enable/disable "scan encrypted connection"under network setting , clear the cache and close the browser again check the above site here are the results :