[vcf-midatlantic] www locks out older browsers

Jim Scheef js at sdf.org
Mon Nov 12 11:16:53 EST 2018

I first posed this question on the Vintage Apple Macintosh Enthusiasts group
on FB. Jason Duerstock commented: "It's not trivial, but I believe you're
looking for something like this:
calling-tls-1-2-downstream Proxy server accepting TLS 1.0 and calling TLS
1.2 downstream"
The documentation
https://mitmproxy.readthedocs.io/en/v2.0.2/features/reverseproxy.html is
easier to read. 
Seeing that we were quite happy using these sites without any encryption,
the loss of end to end security seems inconsequential.
The key words in Jason's comment were "It's not trivial..." 

> -----Original Message-----
> From: vcf-midatlantic <vcf-midatlantic-bounces at lists.vcfed.org> On Behalf
> David Gesswein via vcf-midatlantic
> Sent: Monday, November 12, 2018 7:21 AM
> To: Jim Scheef via vcf-midatlantic <vcf-midatlantic at lists.vcfed.org>
> Cc: David Gesswein <djg at pdp8online.com>
> Subject: Re: [vcf-midatlantic] www locks out older browsers
> I assume you could run a local proxy that converts. It breaks the end to
> security though. Businesses use these proxys for monitoring.
> On Mon, Nov 12, 2018 at 01:08:43AM -0500, Jim Scheef via vcf-midatlantic
> wrote:
> > Hello all,
> >
> > After playing with an eMac running OS X 10.3 several months back, I let
it sit
> for a few months. Now it can no longer open most common websites. So what
> changed while the machine was not even plugged in? After some
investigation I
> realized that main-stream sites have changed their SSL to require TLS 1.2,
> because it actually works. The result is that vintage browsers return an
> similar to ???cannot establish secure connection???. Forcing SSL by
refusing to
> connect on port 80, these sites have locked out many vintage machines.
> >
> > So, what can be done? The obvious solution is to find a modern browser
> runs on your vintage OS. This may require an OS upgrade (OS X 10.4 should
> on the eMac) which allows running TenFourFox, which seems to include TLS
> >
> > The irony that in the name of security, the machine used to invent the
> (NeXT) may no longer be able to display it.
> >
> > Any thoughts?
> >
> > Jim
> >

More information about the vcf-midatlantic mailing list