Bug 196549

Summary: Add SPI to disable legacy TLS fallback
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, ggaren, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Alex Christensen 2019-04-03 11:47:18 PDT 
Add SPI to disable legacy TLS fallback
Comment 1 Alex Christensen 2019-04-03 11:50:14 PDT 
Created attachment 366626 [details]
Patch
Comment 2 Geoffrey Garen 2019-04-03 14:33:43 PDT 
Comment on attachment 366626 [details]
Patch

This seems like a really nice improvement to apply by default for the long tail of clients who don't think deeply about TLS. Can you think of a strategy to apply this change by default? Maybe a linked-on-or-after check?
Comment 3 Alex Christensen 2019-04-03 14:37:57 PDT 
We do not want to pursue this in this way at this time.  Plans exist, though.
Comment 4 WebKit Commit Bot 2019-04-03 15:05:03 PDT 
Comment on attachment 366626 [details]
Patch

Clearing flags on attachment: 366626

Committed r243829: <https://trac.webkit.org/changeset/243829>
Comment 5 WebKit Commit Bot 2019-04-03 15:05:04 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 6 Radar WebKit Bug Importer 2019-04-03 15:06:20 PDT 
<rdar://problem/49575666>
Comment 7 Alex Christensen 2019-04-03 16:21:16 PDT 
http://trac.webkit.org/r243834
Comment 8 Alex Christensen 2019-04-08 14:42:57 PDT 
http://trac.webkit.org/r244048