Swift bug tracker is not fully App Transport Security compliant
| Originator: | danielctull | ||
| Number: | rdar://23925014 | Date Originated: | 16-Dec-2015 08:20 PM |
| Status: | Open | Resolved: | |
| Product: | Developer Tools | Product Version: | https://bugs.swift.org |
| Classification: | Security | Reproducible: | Always |
Summary: When loading https://bugs.swift.org the SSL certificate used does not comply fully with App Transport Security. Specifically it does not support Forward Secrecy. Steps to Reproduce: Run the following on the terminal: nscurl --ats-diagnostics https://bugs.swift.org Expected Results: Default ATS Secure Connection --- ATS Default Connection Result : PASS --- Actual Results: Default ATS Secure Connection --- ATS Default Connection 2015-12-16 20:17:32.116 nscurl[18056:2040565] CFNetwork SSLHandshake failed (-9824) 2015-12-16 20:17:32.117 nscurl[18056:2040565] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) Result : FAIL --- Configuring PFS exceptions for bugs.swift.org --- Disabling Perfect Forward Secrecy Result : PASS ---
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!