[vbezhenar]

So iPhone 4S is out of luck. That's terrible move. Suddenly half of the Internet becomes inaccessible to a perfectly working device. Though I think that user can install new CA certificate, so it's possible to manuall work around that problem.

[bdhess]

The iPhone 4S has not received a security update in >2 years, and has >700 known security vulnerabilities, so it is not a "perfectly working device," it's a "probably compromised device."

https://nvd.nist.gov/vuln/search/results?adv_search=true&for...

[cpach]

”Though I think that user can install new CA certificate, so it's possible to manuall work around that problem.”

Good point. Generally it’s a bad idea for users to install any CA certificates on their devices, but in this case I think it makes sense.