If Apple is now going to mandate that apps only connect to servers using TLS 
1.2, then shouldn’t there be a supported way to configure CFStream to obey that 
rule? Even in the iOS 9 SDK there still isn’t any constant denoting a TLS 
version higher than 1.0 (kCFStreamSocketSecurityLevelTLSv1).

Technote 2287* names some ‘new’ values for TLS 1.1 and 1.2 that were added back 
in iOS 5 but don’t have their own string constants yet (rdar://10229865). 
Four years (and ten million Radars) later, the constants 
are still missing.

I’m also curious about the TLS 1.2 server compatibility problems described in 
that technote. The recommendation then was to revert back to SSLv3, which I did 
because some users were running into this issue. Then security flaws were found 
in SSLv3, so I bumped it up to TLS 1. Should I now use the unofficial TLS 1.2 
constant?

—Jens

* https://developer.apple.com/library/ios/technotes/tn2287/_index.html