nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

From: joel jaeggli <joelja () bogus com>
Date: Tue, 31 Dec 2019 09:09:59 -0800
On 12/31/19 08:25, Seth Mattinen wrote:

On 12/31/19 8:10 AM, joel jaeggli wrote:

Argumentation on the basis of a tu quoque fallacy doesn't really add
much to the dicussion. Depreciating potentialy dangerous and definitely
obsolete protocols does not make you a hypocrite.



Then how about privilege?

If someone is living in a less-privileged situation (oppressive regime,
state controlled ISP, extreme poverty, whatever) there's also a good
chance that such people may not able to acquire newer/updated technology
easily, perhaps not even legally at great risk. I will disagree with
anyone's assertion that people in such conditions deserve to be
disenfranchised.


You cite a hypothetical situation that may, but does not in my
experience exist, I work with customers who had populations of impacted
devices, so the consequences and timing of these transitions are
directly consequential to our customers.

Most CDNs turned off tls 1.0 by early to mid-2018. The  mobile devices
that still required it at the time and did not have an alternative were
a vanishingly small portion of the population then in use (for example
legacy docomo i-mode handsets), and the ones that cannot support it now
are still smaller,  Lacking support for SNI was a signification consumer
of address consumption in CDNs and that contributes to accessibility
cost and usability issues for websites  attempts at universal tls
deployment as well so we should be clear that there are plenty of people
who were disenfranchised by or burdened with otherwise unnecessary costs
by the need to support tls 1.0.

Most populations have recourse to application alternatives that can and
did extend their useful service life to tls 1.2 (current firefox
supports back to android 4.1 for example, Opera mini /mobile have much
larger market shares in bandwidth constrained environments and superior
performance on low end devices). tls 1.1 is not really far on the heels
of 1.0. hence you see this now.

Attachment: signature.asc
Description: OpenPGP digital signature

Previous By Date Next
Previous By Thread Next

Current thread: