diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslAuthenticationOptions.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslAuthenticationOptions.cs
index fce59ffaef0d74..c3a78a098584f5 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/SslAuthenticationOptions.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslAuthenticationOptions.cs
@@ -182,8 +182,6 @@ private static SslProtocols FilterOutIncompatibleSslProtocols(SslProtocols proto
             {
 #pragma warning disable 0618
                 // SSL2 is mutually exclusive with >= TLS1.2
-                // On Windows10 SSL2 flag has no effect but on earlier versions of the OS
-                // opting into both SSL2 and >= TLS1.2 causes negotiation to always fail.
                 protocols &= ~SslProtocols.Ssl2;
 #pragma warning restore 0618
             }
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslCertificateTrust.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslCertificateTrust.cs
index db6e1cb6d18136..4a34e3f9aa2aa4 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/SslCertificateTrust.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslCertificateTrust.cs
@@ -1,7 +1,6 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System.Runtime.Versioning;
 using System.Security.Cryptography.X509Certificates;
 
 namespace System.Net.Security
@@ -22,10 +21,8 @@ public static SslCertificateTrust CreateForX509Store(X509Store store, bool sendT
             }
 #endif
             if (sendTrustInHandshake && !System.OperatingSystem.IsLinux() && !System.OperatingSystem.IsMacOS() &&
-                // Necessary functions are available only on win 8 onwards
-                !OperatingSystem.IsWindowsVersionAtLeast(6, 2))
+                !System.OperatingSystem.IsWindows())
             {
-                // to be removed when implemented.
                 throw new PlatformNotSupportedException(SR.net_ssl_trust_handshake);
             }
             if (!store.IsOpen)
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Windows.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Windows.cs
index 2f29cc44c2583e..9ad63db0a24384 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Windows.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Windows.cs
@@ -289,7 +289,7 @@ private static unsafe void AttachCertificateStore(SafeFreeCredentials cred, X509
             return;
         }
 
-        // This is legacy crypto API used on .NET Framework and older Windows versions.
+        // This is legacy crypto API used on older Windows 10 versions.
         // It only supports TLS up to 1.2
         public static unsafe SafeFreeCredentials AcquireCredentialsHandleSchannelCred(SslAuthenticationOptions authOptions)
         {
diff --git a/src/libraries/System.Net.Security/src/System/Security/Authentication/ExtendedProtection/ExtendedProtectionPolicy.cs b/src/libraries/System.Net.Security/src/System/Security/Authentication/ExtendedProtection/ExtendedProtectionPolicy.cs
index 5b476ac057d5d5..ddab414e4249f2 100644
--- a/src/libraries/System.Net.Security/src/System/Security/Authentication/ExtendedProtection/ExtendedProtectionPolicy.cs
+++ b/src/libraries/System.Net.Security/src/System/Security/Authentication/ExtendedProtection/ExtendedProtectionPolicy.cs
@@ -148,7 +148,7 @@ public static bool OSSupportsExtendedProtection
         {
             get
             {
-                // .NET Core is supported only on Win7+ where ExtendedProtection is supported.
+                // .NET is supported only on Windows where ExtendedProtection is supported.
                 return OperatingSystem.IsWindows();
             }
         }
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamCredentialCacheTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamCredentialCacheTest.cs
index 0429917ad24497..255ca1a5ce62fb 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamCredentialCacheTest.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamCredentialCacheTest.cs
@@ -39,8 +39,8 @@ public async Task SslStream_SameCertUsedForClientAndServer_Ok()
                 if (Capability.IsTrustedRootCertificateInstalled())
                 {
                     // https://technet.microsoft.com/en-us/library/hh831771.aspx#BKMK_Changes2012R2
-                    // Starting with Windows 8, the "Management of trusted issuers for client authentication" has changed:
-                    // The behavior to send the Trusted Issuers List by default is off.
+                    // On Windows, the "Management of trusted issuers for client authentication" is configured
+                    // such that the behavior to send the Trusted Issuers List by default is off.
 
                     Assert.True(client.IsMutuallyAuthenticated);
                     Assert.True(server.IsMutuallyAuthenticated);
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs
index 31a291e709332f..16c87ca874e7cb 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs
@@ -86,7 +86,7 @@ public async Task ClientAndServer_OneOrBothUseDefault_Ok(SslProtocols? clientPro
                 await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
                     AuthenticateClientAsync(serverHost, clientCertificates, checkCertificateRevocation: false, protocols: clientProtocols),
                     AuthenticateServerAsync(serverCertificate, clientCertificateRequired: true, checkCertificateRevocation: false, protocols: serverProtocols));
-                if (PlatformDetection.IsWindows && PlatformDetection.WindowsVersion >= 10 &&
+                if (PlatformDetection.IsWindows &&
 #pragma warning disable 0618
                     clientProtocols.GetValueOrDefault() != SslProtocols.Default &&
                     serverProtocols.GetValueOrDefault() != SslProtocols.Default)
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs
index 738698fcae9971..9cdc176c7d1a7b 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs
@@ -39,15 +39,9 @@ public static Task WhenAllOrAnyFailedWithTimeout(params Task[] tasks)
             // On Windows, null ciphers (no encryption) are supported.
             if (OperatingSystem.IsWindows())
             {
-                if (!PlatformDetection.IsWindows10OrLater)
-                {
-                    // All old versions support null encryption
-                    return true;
-                }
-
                 try
                 {
-                    // New Windows can support null but it may be disabled in Azure images
+                    // Null encryption may be disabled in Azure images
                     using (Process p = Process.Start(new ProcessStartInfo("powershell", "-Command Get-TlsCipherSuite") { RedirectStandardOutput = true, RedirectStandardError = true }))
                     {
                         using StreamReader reader = p.StandardOutput;