397 liens privés
Matrice de compatibilité navigateur / protocole SSL TLS.
On peut voir que Android ne gère pas TLS 1.2 avant Kitkat.
Or iOS9 exige maintenant du TLS 1.2 uniquement (avec des ciphers permettant le Perfect Foward Secrecy)
"""
If you’re developing a new app, you should use HTTPS exclusively. If you have an existing app, you should use HTTPS as much as you can right now, and create a plan for migrating the rest of your app as soon as possible. In addition, your communication through higher-level APIs needs to be encrypted using TLS version 1.2 with forward secrecy. If you try to make a connection that doesn't follow this requirement, an error is thrown. If your app needs to make a request to an insecure domain, you have to specify this domain in your app's Info.plist file.
"""
source: https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html
Cela peut poser problème quand on fait une app multiplateforme (android/iOS) et qu'on veut assurer la rétrocompatibilité. Il existe cependant une solution de contournement, en attendant: http://ste.vn/2015/06/10/configuring-app-transport-security-ios-9-osx-10-11/
EDIT: et je précise car la doc officielle n'est pas claire
"""
iOS9 requires the server to only support TLSv1.2 and support perfect forward security.
"""
source: http://stackoverflow.com/questions/30778579/kcfstreamerrordomainssl-9802-when-connecting-to-a-server-by-ip-address-through
EDIT2: Je ne parle que de App Transport Security ici
"""
App Transport Security (ATS) lets an app add a declaration to its Info.plist file that specifies the domains with which it needs secure communication.
"""
EDIT3: Ce que j'ai dit plus haut est faux (TLS 1.2 only sur iOS9). Par contre il faut respecter les ciphers précisés ici: https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote/ et surtout avoir une signature en SHA256.