Application Transport Security deadline for iOS apps
Peter TB Brett
peter.brett at livecode.com
Mon Jul 11 10:49:33 EDT 2016
On 11/07/2016 15:43, Richard Gaskin wrote:
> Paul Dupuis wrote:
>
>> On 7/11/2016 7:05 AM, Peter TB Brett wrote:
> ...
>>> Apple will be requiring ATS for all iOS apps submitted to the app
>>> store from the beginning of 2017.
> ...
>>> The "Let's Encrypt" project may be useful. https://letsencrypt.org/
>>
>> I realize that LiveCode has no influence over Apple, but this is one
>> of the most bone-headed thing Apple has ever done to it's developers.
>> There are millions of web servers out there without any logins,
>> serving publicly available data or information, that do not need to
>> be encrypted...
>
> HTTPS serves two purposes: one is encryption of data in transport, which
> may or may not be truly necessary. When when a server only hosts
> publicly-available information it may indeed seem overkill.
>
> But the other purpose is very useful for us all: it helps ensure that
> the site you think you're accessing is indeed what it claims to be.
>
As I mentioned previously, it serves a third purpose, even if the data
is publicly available and you're communicating with the right server, by
preventing middlemen from tampering with the data in transit.
Peter
--
Dr Peter Brett <peter.brett at livecode.com>
LiveCode Technical Project Manager
LiveCode 2016 Conference: https://livecode.com/edinburgh-2016/
More information about the use-livecode
mailing list