Problem accessing squeak.org with older web browsers

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem accessing squeak.org with older web browsers

Phil B
I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.


Reply | Threaded
Open this post in threaded view
|

Re: Problem accessing squeak.org with older web browsers

marcel.taeumel
Hi Phil,

so, you have Firefox version 48 installed in OS X (10.6)?

Best,
Marcel

Am 10.10.2019 03:49:21 schrieb Phil B <[hidden email]>:

I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.


Reply | Threaded
Open this post in threaded view
|

Re: Problem accessing squeak.org with older web browsers

marcel.taeumel
Hi Phil,

we do still support TLS 1.0 at the moment. So, Safari 5.1.10 can still open https://squeak.org/.

For more detailed compatibility information (OS, Web brower, ...), visit: https://www.ssllabs.com/ssltest/

Best,
Marcel

Am 10.10.2019 08:39:25 schrieb Marcel Taeumel <[hidden email]>:

Hi Phil,

so, you have Firefox version 48 installed in OS X (10.6)?

Best,
Marcel

Am 10.10.2019 03:49:21 schrieb Phil B <[hidden email]>:

I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.


Reply | Threaded
Open this post in threaded view
|

Re: Problem accessing squeak.org with older web browsers

Phil B
In reply to this post by marcel.taeumel
Hi Marcel,

It was actually Firefox 39 and Chrome 45 on OS X 10.6.  It just seemed strange that a site that doesn't seem to have any real need for (or provide value in making) hard-line security cutoffs would choose to do so.  (i.e. sites from google.com to pharo.org don't do that... why should squeak.org?)  Put another way: what's the rationale for not keeping less secure, or even totally unencrypted, options available to keep the site as accessible as possible?

For my situation, I was able to just switch to a different system.  But had the only thing available been a device with an old browser that couldn't (conveniently or otherwise) be upgraded, it would have been quite annoying.

Thanks,
Phil

On Thu, Oct 10, 2019 at 2:39 AM Marcel Taeumel <[hidden email]> wrote:
Hi Phil,

so, you have Firefox version 48 installed in OS X (10.6)?

Best,
Marcel

Am 10.10.2019 03:49:21 schrieb Phil B <[hidden email]>:

I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.



Reply | Threaded
Open this post in threaded view
|

Re: Problem accessing squeak.org with older web browsers

marcel.taeumel
For my situation, I was able to just switch to a different system. 

Just use Safari on your OS X 10.6 system. 

what's the rationale for not keeping less secure, or even totally unencrypted, options available to keep the site as accessible as possible?

Whether or not a certain security measure for a certain kind of content is appropriate or not ... can be a quite hard to discuss in an objective manner. We do still support TLS 1.0, which is that "less secure" option you are looking for. I am afraid that we cannot offer an unencrypted way. Look, it is even challenging to get the OpenSmalltalk VM running in recent macOS because of all that encryption stuff. It is just not feasible to go "totally unencrypted" these days. Sorry for any inconveniences.

Best,
Marcel

Am 10.10.2019 09:29:27 schrieb Phil B <[hidden email]>:

Hi Marcel,

It was actually Firefox 39 and Chrome 45 on OS X 10.6.  It just seemed strange that a site that doesn't seem to have any real need for (or provide value in making) hard-line security cutoffs would choose to do so.  (i.e. sites from google.com to pharo.org don't do that... why should squeak.org?)  Put another way: what's the rationale for not keeping less secure, or even totally unencrypted, options available to keep the site as accessible as possible?

For my situation, I was able to just switch to a different system.  But had the only thing available been a device with an old browser that couldn't (conveniently or otherwise) be upgraded, it would have been quite annoying.

Thanks,
Phil

On Thu, Oct 10, 2019 at 2:39 AM Marcel Taeumel <[hidden email]> wrote:
Hi Phil,

so, you have Firefox version 48 installed in OS X (10.6)?

Best,
Marcel

Am 10.10.2019 03:49:21 schrieb Phil B <[hidden email]>:

I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.



Reply | Threaded
Open this post in threaded view
|

Re: Problem accessing squeak.org with older web browsers

marcel.taeumel
I will raise this item at the next Squeak Board Meeting.

Best,
Marcel

Am 10.10.2019 10:10:55 schrieb Marcel Taeumel <[hidden email]>:

For my situation, I was able to just switch to a different system. 

Just use Safari on your OS X 10.6 system. 

what's the rationale for not keeping less secure, or even totally unencrypted, options available to keep the site as accessible as possible?

Whether or not a certain security measure for a certain kind of content is appropriate or not ... can be a quite hard to discuss in an objective manner. We do still support TLS 1.0, which is that "less secure" option you are looking for. I am afraid that we cannot offer an unencrypted way. Look, it is even challenging to get the OpenSmalltalk VM running in recent macOS because of all that encryption stuff. It is just not feasible to go "totally unencrypted" these days. Sorry for any inconveniences.

Best,
Marcel

Am 10.10.2019 09:29:27 schrieb Phil B <[hidden email]>:

Hi Marcel,

It was actually Firefox 39 and Chrome 45 on OS X 10.6.  It just seemed strange that a site that doesn't seem to have any real need for (or provide value in making) hard-line security cutoffs would choose to do so.  (i.e. sites from google.com to pharo.org don't do that... why should squeak.org?)  Put another way: what's the rationale for not keeping less secure, or even totally unencrypted, options available to keep the site as accessible as possible?

For my situation, I was able to just switch to a different system.  But had the only thing available been a device with an old browser that couldn't (conveniently or otherwise) be upgraded, it would have been quite annoying.

Thanks,
Phil

On Thu, Oct 10, 2019 at 2:39 AM Marcel Taeumel <[hidden email]> wrote:
Hi Phil,

so, you have Firefox version 48 installed in OS X (10.6)?

Best,
Marcel

Am 10.10.2019 03:49:21 schrieb Phil B <[hidden email]>:

I ran into this issue and wasn't sure if it was intentional or not: I was attempting to get to squeak.org from an old version of OS X (10.6) and neither Firefox or Chrome versions for Snow Leopard are able to render even the main page.  Firefox hangs and Chrome reports ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

While I appreciate that supporting the latest and greatest from an SSL standpoint (assuming that's what's going on) is a good thing, it seems overkill to prevent older systems from using the site.  Most other sites large and small still work with both browser versions I tried from at least a basic HTML standpoint... Javascript support is less consistent.

For now I'll just switch to a different system to get what I need but thought it was worth reporting.