Exactly. Apple just didn't tell us they were doing that and went to full
disabled instead of starting with warnings like what browser and other
apps did for a short while before defaulting to disabled. What didn't
help is that Apple's disabled didn't work properly with their own apps
as those would often still try to use SSLv3 instead of TLS when TLS was
available, that was issue. lol
Over the years, I've dealt with Apple suddenly changing or
"unsupporting" something and having all my Apple users at work unable to
do or use some app anymore. Apple has gotten a bit better at this,
having only done it every other year instead of several per.
On 6/5/2018 5:43 PM, Cinder Roxley wrote:
SSLv3 was disabled because it’s exploitable!
https://www.us-cert.gov/ncas/alerts/TA14-290A
On June 5, 2018 at 4:05:36 PM, Kadah Coba (kadah.c...@gmail.com
<mailto:kadah.c...@gmail.com>) wrote:
On 6/4/2018 10:41 PM, Dahlia Trimble wrote:
> I can't believe that Apple will remove an API that so many
> applications use.
I've seen Apple do worse in the past with less warning.
Apple disabled SSLv3 by default in iOS 9 and an OSX update (maybe around
10.11, can't remember) without warning. This would have been fine since
any updated server would also support TLS, except Apple screwed up
somewhere and many Apple apps, like Mail, would still attempt to connect
using SSLv3 but then fail with a typically Apple style unhelpful error
when the OS doesn't allow it to use SSLv3 because the app's plist config
doesn't allow for an exception.
I got around this by disabling SSLv3 and enforcing TLS only, which
flagged dayed email for Apple users. Before I did that, if they updated
to iOS9, they couldn't get email; after I made the changes, they
required iOS9, and likely an account delete and readd on their phone
because Apple.
_______________________________________________
Policies and (un)subscribe information available here:
http://wiki.secondlife.com/wiki/OpenSource-Dev
Please read the policies before posting to keep unmoderated posting
privileges
_______________________________________________
Policies and (un)subscribe information available here:
http://wiki.secondlife.com/wiki/OpenSource-Dev
Please read the policies before posting to keep unmoderated posting privileges
_______________________________________________
Policies and (un)subscribe information available here:
http://wiki.secondlife.com/wiki/OpenSource-Dev
Please read the policies before posting to keep unmoderated posting privileges
