Re: Apple are, apparently, dicks...

Fri, 14 Jun 2013 06:09:50 -0700 

On 14/06/13 12:31, Ben Laurie wrote:

On 14 June 2013 12:25, Rob Stradling <rob.stradl...@comodo.com> wrote:

<snip>

Ah, so you're criticizing Apple for not being willing to force all OSX
10.8.x users to update to 10.8.4.


No.


If OSX 10.8.x has a mechanism that allows Apple to force updates to be
installed, then I agree.  But my suspicion is that it doesn't, and if so,
Apple's willingness isn't the key issue here.


It has a mechanism to nag you endlessly until you do install updates.
Which makes me wonder why you think people won't install the OS
update?



Safari's User-Agent string reveals the OSX version that it is running 
on.  A few weeks ago I analyzed some webserver logs to get an idea of 
historical OSX update rates.  Based on that analysis, I forecast that 
the majority of OSX 10.8.x users will install the 10.8.4 update, but 
that a significant minority won't.



No server administrator will want to deploy ECDHE-ECDSA if it means
breaking
compatibility with even a small fraction of deployed browsers.  Hence why
this patch is, unfortunately, necessary.



What is _necessary_ is that Apple accept responsibility for their errors
:-)



Agreed.

Sadly, the OSX 10.8.4 changelog doesn't even mention the ECDHE-ECDSA bugfix.



Why are we chasing after them cleaning up their messes?



Because we want ECDHE-ECDSA to be deployable.


--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online





--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com

COMODO CA Limited, Registered in England No. 04058690
Registered Office:
  3rd Floor, 26 Office Village, Exchange Quay,
  Trafford Road, Salford, Manchester M5 3EQ


This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed.  If you have received this email in error please notify the 
sender by replying to the e-mail containing this attachment. Replies to 
this email may be monitored by COMODO for operational or business 
reasons. Whilst every endeavour is taken to ensure that e-mails are free 
from viruses, no liability can be accepted and the recipient is 
requested to use their own virus checking software.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org























					Reply via email to