Application Transport Security deadline for iOS apps

Peter TB Brett peter.brett at livecode.com
Mon Jul 11 10:49:33 EDT 2016


On 11/07/2016 15:43, Richard Gaskin wrote:
> Paul Dupuis wrote:
>
>> On 7/11/2016 7:05 AM, Peter TB Brett wrote:
> ...
>>> Apple will be requiring ATS for all iOS apps submitted to the app
>>> store from the beginning of 2017.
> ...
>>> The "Let's Encrypt" project may be useful. https://letsencrypt.org/
>>
>> I realize that LiveCode has no influence over Apple, but this is one
>> of the most bone-headed thing Apple has ever done to it's developers.
>> There are millions of web servers out there without any logins,
>> serving publicly available data or information, that do not need to
>> be encrypted...
>
> HTTPS serves two purposes: one is encryption of data in transport, which
> may or may not be truly necessary.  When when a server only hosts
> publicly-available information it may indeed seem overkill.
>
> But the other purpose is very useful for us all:  it helps ensure that
> the site you think you're accessing is indeed what it claims to be.
>

As I mentioned previously, it serves a third purpose, even if the data 
is publicly available and you're communicating with the right server, by 
preventing middlemen from tampering with the data in transit.

                                      Peter

-- 
Dr Peter Brett <peter.brett at livecode.com>
LiveCode Technical Project Manager

LiveCode 2016 Conference: https://livecode.com/edinburgh-2016/




More information about the use-livecode mailing list