| Yes. Although I would disagree with the statement "it would be a huge security risk for anything on those machines" Older TLS protocols have vulnerabilities yes, but most of them require a very motivated attacker with the ability to do a MITM. I wrote a blog post about why I have decided to support older protocols, https://blog.nyman.re/2021/02/07/usability-security.html , the tl.dr. is that only allowing new TLS just means more forced obsoletion. For Banks and other sensitive things, yes it makes sense, for your personal blog, not so much. I mean... Google still allows TLS 1.0 , if it was a "huge security risk", do you think they would? The updating OpenSSL/breaking symlinks sounds interesting, do you have more info? Personally I have a old iPhone 5S running iOS6 which I use for listening to podcasts. I ran in the the TLS issue there and my solution was to use a proxy https://bitbucket.org/ValdikSS/oldssl-proxy Works well, and until maybe a year ago or I could even browse Apple's Podcast Store, but at some point that stopped working so now I'm stuck with the ones I have there. (Cydia still works though... Thanks Saurik) |