[vcf-midatlantic] www locks out older browsers
Jim Scheef
js at sdf.org
Mon Nov 12 11:16:53 EST 2018
David,
I first posed this question on the Vintage Apple Macintosh Enthusiasts group
on FB. Jason Duerstock commented: "It's not trivial, but I believe you're
looking for something like this:
https://serverfault.com/questions/822453/proxy-server-accepting-tls-1-0-and-
calling-tls-1-2-downstream Proxy server accepting TLS 1.0 and calling TLS
1.2 downstream"
The documentation
https://mitmproxy.readthedocs.io/en/v2.0.2/features/reverseproxy.html is
easier to read.
Seeing that we were quite happy using these sites without any encryption,
the loss of end to end security seems inconsequential.
The key words in Jason's comment were "It's not trivial..."
Jim
> -----Original Message-----
> From: vcf-midatlantic <vcf-midatlantic-bounces at lists.vcfed.org> On Behalf
Of
> David Gesswein via vcf-midatlantic
> Sent: Monday, November 12, 2018 7:21 AM
> To: Jim Scheef via vcf-midatlantic <vcf-midatlantic at lists.vcfed.org>
> Cc: David Gesswein <djg at pdp8online.com>
> Subject: Re: [vcf-midatlantic] www locks out older browsers
>
> I assume you could run a local proxy that converts. It breaks the end to
end
> security though. Businesses use these proxys for monitoring.
>
> On Mon, Nov 12, 2018 at 01:08:43AM -0500, Jim Scheef via vcf-midatlantic
> wrote:
> > Hello all,
> >
> > After playing with an eMac running OS X 10.3 several months back, I let
it sit
> for a few months. Now it can no longer open most common websites. So what
> changed while the machine was not even plugged in? After some
investigation I
> realized that main-stream sites have changed their SSL to require TLS 1.2,
mostly
> because it actually works. The result is that vintage browsers return an
error
> similar to ???cannot establish secure connection???. Forcing SSL by
refusing to
> connect on port 80, these sites have locked out many vintage machines.
> >
> > So, what can be done? The obvious solution is to find a modern browser
that
> runs on your vintage OS. This may require an OS upgrade (OS X 10.4 should
run
> on the eMac) which allows running TenFourFox, which seems to include TLS
1.2.
> >
> > The irony that in the name of security, the machine used to invent the
web
> (NeXT) may no longer be able to display it.
> >
> > Any thoughts?
> >
> > Jim
> >
More information about the vcf-midatlantic
mailing list