I'm the developer of Giant Bomb Video Buddy and I recently starting receiving reports that users on Android versions < 5.0 are receiving connection errors 100% of the time. I did some investigating and it appears that the issue is that giantbomb.com is now rejecting all TLSv1 cipher suites. Is this going to be the case going forward, or is it just a temporary configuration?
I ask because, if it is a permanent change, I will need to push an update that manually enables TLSv1.1 for users of Android 4.1 and newer, but drops support for users of Android v4.0.4 (which only supports TLSv1). They're in the minority, but I wanted to check before giving anyone the boot.
Edit: I've been in an HTTPS mindset lately and initially overlooked the option of having the app fall back to an unencrypted connection on devices that can't readily support TLSv1.1. That would be an alternative for older devices if TLSv1 support is gone for good.
Log in to comment