RESOLVED FIXED 196549
Add SPI to disable legacy TLS fallback 
https://bugs.webkit.org/show_bug.cgi?id=196549
Summary Add SPI to disable legacy TLS fallback
Alex Christensen
Reported 2019-04-03 11:47:18 PDT
Add SPI to disable legacy TLS fallback
Attachments
Patch (13.20 KB, patch)
2019-04-03 11:50 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Alex Christensen
Comment 1 2019-04-03 11:50:14 PDT
Created attachment 366626 [details] Patch
Geoffrey Garen
Comment 2 2019-04-03 14:33:43 PDT
Comment on attachment 366626 [details] Patch This seems like a really nice improvement to apply by default for the long tail of clients who don't think deeply about TLS. Can you think of a strategy to apply this change by default? Maybe a linked-on-or-after check?
Alex Christensen
Comment 3 2019-04-03 14:37:57 PDT
We do not want to pursue this in this way at this time. Plans exist, though.
WebKit Commit Bot
Comment 4 2019-04-03 15:05:03 PDT
Comment on attachment 366626 [details] Patch Clearing flags on attachment: 366626 Committed r243829: <https://trac.webkit.org/changeset/243829>
WebKit Commit Bot
Comment 5 2019-04-03 15:05:04 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 6 2019-04-03 15:06:20 PDT
<rdar://problem/49575666>
Alex Christensen
Comment 7 2019-04-03 16:21:16 PDT
http://trac.webkit.org/r243834
Alex Christensen
Comment 8 2019-04-08 14:42:57 PDT
http://trac.webkit.org/r244048
Note You need to log in before you can comment on or make changes to this bug.