1 Reply
      Latest reply on Nov 7, 2016 2:48 AM by eskimo
      dovfromtelaviv Level 1 Level 1 (0 points)



        The following article states:

        The negotiated Transport Layer Security (TLS) version must be TLS 1.2. Attempts to connect without TLS/SSL protection, or with an older version of TLS/SSL, are denied by default.

        Is it possible to disable full ATS support in the application?

        Is there a way to allow use of TLS 1.0/1.1 without perfect forward secrecy in the application after 1.1.2017?




        • Re: TLS 1.2 and Perfect Forward Secrecy
          eskimo Apple Staff Apple Staff (13,925 points)

          There’s two parts of any ATS question:

          • what can be done technically

          • what App Review will accept

          The former is covered by the ATS documentation, that is, the NSAppTransportSecurity section of the Information Property List Key Reference.  In their you’ll find a discussion of various ATS exception keys, including NSExceptionMinimumTLSVersion.

          With regards the latter, I don’t work for App Review and can’t give definitive answers on their behalf.  You should look to official Apple statements about this, which I’ve referenced in my App Transport Security pinned post.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"