I received an email from amazon annoucing that they will discontinue support for SSLv3. the buckets affected are those where I put the information using the app force for amazon web services.
Does anyone know if there is anything I need to do, or will the connection fallback to TLS?
best regards, Nelson
email received: Dear AWS Customer,
Your security is important to us. This message explains some security improvements in our services. Please review the entire message carefully to determine whether your use of the services will be affected, and if so what you need to do.
As of 12:00 AM PDT April 30, 2015, AWS will discontinue support of SSLv3 for securing connections to S3 buckets. Security research published late last year demonstrated that SSLv3 contained weaknesses that weakened its ability to protect and secure communications. These weaknesses have been addressed in the replacement for SSL, TLS. Since then, major browser software vendors have been disabling support for SSLv3 and their work is largely complete. Consistent with our top priority to protect AWS customers, AWS will only support versions of the more modern Transport Layer Security (TLS) rather than SSLv3.
The following bucket(s) are currently accepting requests from clients that specify SSLv3 to connect to S3 HTTPS endpoints.
Bucket Name : Region ----------------------------- *****
These requests will fail once AWS disables support for SSLv3 for the Amazon S3 service. To avoid interrupted access, you must update any client software (or inform any clients to update software) making the requests that are using SSLv3 to connect to S3 HTTPS endpoints.
For further reading on SSLv3 security concerns and why it is important to disable support for this nearly 18 year old protocol, we suggest the following articles: https://www.us-cert.gov/ncas/alerts/TA14-290A https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ http://disablessl3.com/#why
We are happy to discuss with you in detail the necessary changes you must perform to ensure continued secure access to your S3 content.
I'm developing a webapp that I want to encapsulate in a hypbrid iOS app. My webapp is a force.com site builded with javascript and apex and I'm using javascript remoting for calling apex functions.
All examples I saw in are apps using autentication, but my app does not use autentication, so my question is, how do I encapsulate my app so I can create a hybrid iOS app?
I'm developing a webapp that I want to encapsulate in a hypbrid iOS app. My webapp is a force.com site builded with javascript and apex and I'm using javascript remoting for calling apex functions.
All examples I saw in are apps using autentication, but my app does not use autentication, so my question is, how do I encapsulate my app so I can create a hybrid iOS app?
