Paul Dupuis wrote: > On 7/11/2016 7:05 AM, Peter TB Brett wrote: ... >> Apple will be requiring ATS for all iOS apps submitted to the app >> store from the beginning of 2017. ... >> The "Let's Encrypt" project may be useful. https://letsencrypt.org/ > > I realize that LiveCode has no influence over Apple, but this is one > of the most bone-headed thing Apple has ever done to it's developers. > There are millions of web servers out there without any logins, > serving publicly available data or information, that do not need to > be encrypted...
HTTPS serves two purposes: one is encryption of data in transport, which may or may not be truly necessary. When when a server only hosts publicly-available information it may indeed seem overkill.
But the other purpose is very useful for us all: it helps ensure that the site you think you're accessing is indeed what it claims to be.
A self-signed certificate can provide encryption, but only a cert authenticated by a respected third party can verify the site's identity.
Until recently Apple's requirement may have been seen as onerous, since the cost of deploying to the app store would effectively more than double, given that the cost of some good authenticated certs can be greater than the cost of Apple's dev program.
Thankfully the Let's Encrypt project is now here to save the day, making our lives as site managers easier while protecting our site's visitors.
Let's Encrypt is a consortium sponsored by Mozilla, Akamai, Cisco, the EFF, and many others, to provide an automated system with reliable, efficient certificate deployment, updates, and authentication servers, all at no cost.
Those using shared hosting at Dreamhost will find Let's Encrypt available now right in their control panel, easily set up with just a couple clicks.
Those using shared hosts running CPanel will have to wait just a few more weeks while that team's control panel support completes its beta testing.
If you're using a VPS or dedicated server with Ubuntu 16.04, you'll find letsencrypt in the standard apt-get package repositories so it can be installed and updated as conveniently as anything else in the system.
For other VPS or dedicated hosts you can also install and maintain Let's Encrypt through git; instructions for that are provided at the Let's Encrypt URL Peter shared above.
-- Richard Gaskin Fourth World Systems Software Design and Development for the Desktop, Mobile, and the Web ____________________________________________________________________ ambassa...@fourthworld.com http://www.FourthWorld.com _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
