SSL Help

Bob Sneidar bobsneidar at iotecdigital.com
Mon Aug 15 17:18:47 EDT 2016


When Microsoft, and later Google decided to update their SSL/TLS to use the latest versions of both, we at the copier company I work for did not have the luxury of saying that we couldn't ask our customers to update the software on their copiers. We had to send technicians out and do it. When major libraries like OpenSSL are fundamentally changed, we as developers and service people are bound to fix it.

You might consider bundling the fix into your next major release, but updating software to fix these kinds of issues is a normal and expected part of using software in this day and age. I might suggest that losing a customer because you ask them to do an update tells me you really didn't have that customer to begin with.

Bob S


On Aug 15, 2016, at 12:29 , Dan Friedman <dan at clearvisiontech.com<mailto:dan at clearvisiontech.com>> wrote:

Fraser,

Mainly, I can't ask thousands of people to reinstall my application at this time.   Also, I can't take the risk of rolling out a *new* version of LC.  I've done that in the past and it has cost me clients.   With all new versions of LC, there are known bugs, and unknown bugs.  You and I and everyone reading this can expect this in a new version.  But my clients don't.  Later versions are simply more stable.  Period.

Other than this issue, LC 7.0.1 is working well.   Can you offer any support for this issue with 7.0.1?  Or, do I just set libURLSetSSLVerification to false and hope for the best?

Thank you for your time,
-Dan




More information about the Use-livecode mailing list