Why are some "Use TLS" and "Use SSL" options turned off?

Actually, it is safer to use TLS 1.1 / 1.2, as recent reports have shown vulnerability while utilizing TLS 1.0. Source: http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

As per the above report, the reason TLS 1.0 is still used because:

Chief culprits for the inertia are the Network Security Services package used to implement SSL in Mozilla's Firefox and Google's Chrome browsers, and OpenSSL, an open-source code library that millions of websites use to deploy TLS. In something of a chicken-and-egg impasse, neither toolkit offers recent versions of TLS, presumably because the other one doesn't.

“The problem is people will not improve things unless you give them a good reason, and by a good reason I mean an exploit,” said Ivan Ristic, Qualys's director of engineering. “It's terrible, isn't it?”

While both Mozilla and the volunteers maintaining OpenSSL have yet to implement TLS 1.2 at all, Microsoft has performed only slightly better. Secure TLS versions are available in its Internet Explorer browser and IIS webserver, but not by default. Opera also makes version 1.2 available but not be default in its browser.

.

Microsoft has a Security Advisory out for a SSL vulnerability and recommends enabling TLS v1.1, there is a fixit on this page to assist in enabling it properly.

. http://support.microsoft.com/kb/2588513

.


SSL 2.0 is unsafe. SSL 3.0 and TLS 1.0 are most prevalent. But as Ar Sh mentioned, there are reports of vulnerability in TLS 1.0.

Since most web servers implement SSL 3.0 and TLS 1.0, most web browsers still use them and are the defaults.

IN my opinion, you can enable TLS 1.1 and 1.2 but avoid enabling SSL 2.0 as it is unsafe.