nanog mailing list archives
Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read
From: Matt Harris <matt () netfire net>
Date: Tue, 31 Dec 2019 10:02:26 -0600
On Tue, Dec 31, 2019 at 2:30 AM Matt Hoppes < mattlists () rivervalleyinternet net> wrote:
Why do I need Wikipedia SSLed? I know the argument. But if it doesn’t work why not either let it fall back to 1.0 or to HTTP. This seems like security for no valid reason.
Being able to authenticate that the content you've requested is coming from the source from which you requested it seems like a pretty valid reason to me. If you live in a privileged nation with democratic governance, and you have ISP choice and your ISP doesn't and won't hijack your connections and you're not otherwise in an environment where your connections may be hijacked for any number of reasons by any number of parties, then you may not think about this very much. Employing the best (popular, well-supported, well-documented, completely open) current standard, TLS 1.2, instead of supporting deprecated, known-flawed previous versions of that protocol also seems like an entirely reasonable idea, too. If you don't like that this potentially disenfranchises users of old devices (and there's perhaps a case to be made here), then the ire should be imho directed towards the device vendors for not issuing security updates for whatever version you wish were able to support modern technology. Not at free web-based services for ending support for deprecated, known-flawed protocols/ciphers/etc. If google wanted to issue an update for older android versions to support TLS1.2 then they absolutely could, though users may see some detrimental performance impact to using modern technology on an outdated device. This isn't a new issue, and we as the greater internet community have generally tackled it by taking aggressive measures towards deprecating known-flawed technologies on a conservative timeline. RFC5246 was published over a decade ago. - mdh
Current thread:
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read, (continued)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Royce Williams (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read John Von Essen (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read John Adams (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read J. Hellenthal via NANOG (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Constantine A. Murenin (Dec 31)
- RE: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Keith Medcalf (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Mike Hammett (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Constantine A. Murenin (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Mike Hammett (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Peter Beckman (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Matt Harris (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Mike Hammett (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Matt Harris (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Royce Williams (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Josh Luthman (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Royce Williams (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Matt Harris (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Royce Williams (Dec 31)
- Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read Jared Mauch (Dec 31)