Hacker News new | ask | show | jobs
by weinzierl 3822 days ago
At the same time Apple encourages the use of HTTPS with App Transport Security (ATS).

   Starting in iOS 9.0 and OS X v10.11, a new security feature 
   called App Transport Security (ATS) is available to apps and is 
   enabled by default. It improves the privacy and data integrity 
   of connections between an app and web services by enforcing 
   additional security requirements for HTTP-based networking 
   requests. Specifically, with ATS enabled, HTTP connections must 
   use HTTPS (RFC 2818). Attempts to connect using insecure HTTP 
   fail. Furthermore, HTTPS requests must use best practices for 
   secure communications.
https://developer.apple.com/library/ios/documentation/Genera...

Does that mean that in the future nearly every App will need the ERN?
2 comments
xedarius 3822 days ago
This is a really interesting point, I was caught out by this during an update. All of a sudden my REST client broke. Took a little digging to find out Apple had enabled HTTPS by default.

Given this, it would seem odd that you would need to apply for an ERN (is this true for app outside of the US?)

link
pupeno 3821 days ago
My personal opinion, which is not that of a lawyer, is that yes, nearly every app developer will need an ERN.
link