|
Title: Apple ending SSL 3.0 push notifications in wake of severe POODLE vulnerability Post by: HCK on October 24, 2014, 03:00:19 pm Apple ending SSL 3.0 push notifications in wake of severe POODLE vulnerability
<article> <section class="page"> <p> Apple will stop support next week for an encryption protocol found to contain a severe vulnerability, the company said on Wednesday.</p><p> Support for SSL 3.0 will cease as of Oct. 29, it said.</p><p> “Providers using only SSL 3.0 will need to support TLS as soon as possible to ensure the Apple Push Notification service continues to perform as expected,” according to a note (https://developer.apple.com/news/?id=10222014a) to developers. “Providers that support both TLS and SSL 3.0 will not be affected and require no changes.”</p><p> Google researchers revealed last week they found a flaw (http://www.pcworld.com/article/2834015/security-experts-warn-of-poodle-attack-against-ssl-30.html) in SSL (Secure Sockets Layer) version 3.0, which was released more than 15 years ago. SSL has been replaced by TLS (Transport Layer Security), but the old versions are still used by some servers across the Internet and are supported by web browsers.</p><p class="jumpTag"><a href="/article/2838052/apple-to-stop-ssl-30-support-for-push-notifications-soon.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Apple ending SSL 3.0 push notifications in wake of severe POODLE vulnerability (http://www.macworld.com/article/2838052/apple-to-stop-ssl-30-support-for-push-notifications-soon.html#tk.rss_all) |