When will IOS and OSX be compatible with TLS 1.1 and above we need to stop using TLS 1.0 for PCI compliance to pass.

iPhone 6, iOS 9.1

Posted on Oct 23, 2015 6:44 AM

Sep 2, 2016 1:15 AM in response to puzzell

I was told by an Apple senior enterprise advisor that they confirmed that OSX 10.11 (and prior) and iOS 9 and prior do not support TLS 1.1 or 1.2 when it comes to Apple Mail. However he said that MacOS Sierra (10.12?) and iOS 10 betas do support it. He also said that this may change in the final release, but I sure hope it will work in these versions. So, something to look forward to. He also said to sign up for the public beta and try it out, but I don't have a lot of spare time these days. Anyway, should be interesting.

Sep 16, 2016 12:29 PM in response to puzzell

Hello all. Windows Server Engineer here. I am having the same issue from the Windows Server side of things and found that the ONLY "solution" (whether I like it or not) is to add TLS_RSA_WITH_3DES_EDE_CBC_SHA to my Exchange server's cipher suite.


You can check here, here and here to verify.


Once I added 3DES back to the Exchange server's cipher suite, all Macs started sending/receiving email again.


For us, this applied to Outlook for Mac 2011 and 2016, as well as MacMail users. It seems that while OSX itself can do more advanced ciphers, its capacity to handle email is relegated to nothing higher than 3DES.


This isn't the answer any of us security people wanted to hear, but it is the only answer known to work at this time.

Sep 21, 2016 10:58 AM in response to Martin R. Lerch

So just finished testing Mail under macOS Sierra (10.12, Mail v10), and iOS 10 Mail with TLSv1.0 disabled on mail server. Results:


macOS Sierra Mail: it is working fine as expected. Checked connection doctor in Mail app and it shows that it is connecting with TLSv1.2 (as it should), and I can send and receive mail normally.


iOS Mail: still not working. I simply find myself in a position of losing all faith in the Apple iOS dev team. What is going on here? Do we really need to wait yet another year for another major iOS update for them to finally disable TLSv1.0 came out in 1999!!!!! Let's please go into this millennium Apple and get iOS Mail compatible with TLSv1.2 (or at least TLSv1.1). Thank you.


Mr. L

Sep 21, 2016 2:29 PM in response to Martin R. Lerch

Yes, no change on iOS 10.


Please take a look at


https://www.heise.de/forum/Mac-i/News-Kommentare/Verschluesselung-Apple-heuert-Krypto-Experten-zurueck/10-0-1-unveraendert/posting-29218072/show/


The issue is still the same: On TLS CLIENT HELLO "modern" ciphers are announced. But the negotiation with the server will lead to a cipher from TLS 1.0.


On the linked page above you will see also log entries from the IMAP server. Here the iOS 10 client did connections with DHE-RSA-AES256-SHA (OpenSSL short name, correct name: TLS_DHE_RSA_WITH_AES_256_CBC_SHA).


The last log line shows the connection of Thunderbird running on OS X 10.9: ECDHE-RSA-AES128-GCM-SHA256 - fine cipher with Galois Counter Mode (TLS 1.2)!


BTW - Apple said that they throw old TLS garbage out of iOS 10, RC4 and other ancient stuff. As you see in the TLS Client Hello the iOS Mail still says that it supports RC4.

Sep 28, 2016 7:24 AM in response to Martin R. Lerch

I have downloaded and installed macOS 10.12 Sierra as well as iOS 10 (now 10.0.2). Then I disabled TLSv1.0 on the mail server. Results:


macOS 10.12 Sierra Mail client - secure IMAP - works

macOS 10.12 Sierra Mail client - secure SMTP - works


iOS 10.0.2 Mail client - secure IMAP - not working

iOS 10.0.2 Mail client - secure SMTP - not working


I have attempted to contact the senior Apple advisors to find out why the functionality was pulled from the final iOS release but have not received an answer. I will post as soon as I hear back from Apple.

Oct 1, 2016 2:43 AM in response to puzzell

(Still on iOS 10.0.1)


Surprise!


This is the analysis of the TLS Client Hello of AirMail on iOS 10.0.1 when connecting to the IMAP server:

Version: TLSv1
Record Length: 201
Message Length: 197
Version: TLSv1.2
ServerRandom, Time: 1475313410, Sat Oct 1 11:16:50 2016
Session ID Length: 32
Cipher Suite Length: 44
0x00 0xFF TLS_EMPTY_RENEGOTIATION_INFO_SCSV
0xC0 0x2C TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (ECDHE-ECDSA-AES256-GCM-SHA384)
0xC0 0x2B TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (ECDHE-ECDSA-AES128-GCM-SHA256)
0xC0 0x24 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (ECDHE-ECDSA-AES256-SHA384)
0xC0 0x23 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (ECDHE-ECDSA-AES128-SHA256)
0xC0 0x0A TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (ECDHE-ECDSA-AES256-SHA)
0xC0 0x09 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (ECDHE-ECDSA-AES128-SHA)
0xC0 0x08 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (ECDHE-ECDSA-DES-CBC3-SHA)
0xC0 0x30 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ECDHE-RSA-AES256-GCM-SHA384)
0xC0 0x2F TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ECDHE-RSA-AES128-GCM-SHA256)
0xC0 0x28 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ECDHE-RSA-AES256-SHA384)
0xC0 0x27 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ECDHE-RSA-AES128-SHA256)
0xC0 0x14 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ECDHE-RSA-AES256-SHA)
0xC0 0x13 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ECDHE-RSA-AES128-SHA)
0xC0 0x12 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ECDHE-RSA-DES-CBC3-SHA)
0x00 0x9D TLS_RSA_WITH_AES_256_GCM_SHA384 (AES256-GCM-SHA384)
0x00 0x9C TLS_RSA_WITH_AES_128_GCM_SHA256 (AES128-GCM-SHA256)
0x00 0x3D TLS_RSA_WITH_AES_256_CBC_SHA256 (AES256-SHA256)
0x00 0x3C TLS_RSA_WITH_AES_128_CBC_SHA256 (AES128-SHA256)
0x00 0x35 TLS_RSA_WITH_AES_256_CBC_SHA (AES256-SHA)
0x00 0x2F TLS_RSA_WITH_AES_128_CBC_SHA (AES128-SHA)
0x00 0x0A TLS_RSA_WITH_3DES_EDE_CBC_SHA (DES-CBC3-SHA)
Compression Methods Length: 1
Extensions Length: 80
Extension: 0x00 0x00, Extension Length: 19
Extension: 0x00 0x0A, Extension Length: 8, EC list: sect233k1 secp256r1 secp384r1 secp521r1
Extension: 0x00 0x0B, Extension Length: 2
Extension: 0x00 0x0D, Extension Length: 18
Extension: 0x00 0x05, Extension Length: 5
Extension: 0x00 0x12, Extension Length: 0
Extension: 0x00 0x17, Extension Length: 0


To compare here are the ciphers announced by Mail:

Cipher Suite Length: 50
0x00 0xFF TLS_EMPTY_RENEGOTIATION_INFO_SCSV
0xC0 0x24 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (ECDHE-ECDSA-AES256-SHA384)
0xC0 0x23 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (ECDHE-ECDSA-AES128-SHA256)
0xC0 0x0A TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (ECDHE-ECDSA-AES256-SHA)
0xC0 0x09 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (ECDHE-ECDSA-AES128-SHA)
0xC0 0x08 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (ECDHE-ECDSA-DES-CBC3-SHA)
0xC0 0x28 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ECDHE-RSA-AES256-SHA384)
0xC0 0x27 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ECDHE-RSA-AES128-SHA256)
0xC0 0x14 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ECDHE-RSA-AES256-SHA)
0xC0 0x13 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ECDHE-RSA-AES128-SHA)
0xC0 0x12 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ECDHE-RSA-DES-CBC3-SHA)
0x00 0x6B TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (DHE-RSA-AES256-SHA256)
0x00 0x67 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (DHE-RSA-AES128-SHA256)
0x00 0x39 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (DHE-RSA-AES256-SHA)
0x00 0x33 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (DHE-RSA-AES128-SHA)
0x00 0x16 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (DHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA)
0x00 0x3D TLS_RSA_WITH_AES_256_CBC_SHA256 (AES256-SHA256)
0x00 0x3C TLS_RSA_WITH_AES_128_CBC_SHA256 (AES128-SHA256)
0x00 0x35 TLS_RSA_WITH_AES_256_CBC_SHA (AES256-SHA)
0x00 0x2F TLS_RSA_WITH_AES_128_CBC_SHA (AES128-SHA)
0x00 0x0A TLS_RSA_WITH_3DES_EDE_CBC_SHA (DES-CBC3-SHA)
0xC0 0x07 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (ECDHE-ECDSA-RC4-SHA)
0xC0 0x11 TLS_ECDHE_RSA_WITH_RC4_128_SHA (ECDHE-RSA-RC4-SHA)
0x00 0x05 TLS_RSA_WITH_RC4_128_SHA (RC4-SHA)
0x00 0x04 TLS_RSA_WITH_RC4_128_MD5 (RC4-MD5)


Airmail SMTP log entry:

Oct 1 11:12:26 xx dovecot: imap-login: Login: user=<xx>, method=PLAIN, rip=::ffff:90.153.xx.xx, lip=::ffff:81.89.xx.xx, TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits), TLS

Airmail IMAP log entry:

Oct 1 11:12:29 xx dovecot: imap-login: Login: user=<xx>, method=PLAIN, rip=::ffff:90.153.xx.xx, lip=::ffff:81.89.xx.xx, TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits), TLS


Well, actually you CAN use TLS 1.2 with iOS 10.0.1 for SMTP and IMAP but you cannot use it with Apple Mail.
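
An added example, not part of the original posts: before disabling TLS 1.0 on a mail server, the dovecot login log quoted in this thread can be audited to see which users and client addresses still negotiate below TLS 1.2. The regular expression follows the log layout shown above; the sample lines, user names, addresses and the TLS 1.2 floor are constructed assumptions.

```python
import re
from collections import Counter

# Field layout taken from the dovecot login lines quoted in the thread.
LOGIN_RE = re.compile(
    r"dovecot: (?P<service>[\w-]+): Login: user=<(?P<user>[^>]*)>.*?"
    r"rip=(?P<rip>[^,]+),.*?"
    r"(?P<proto>(?:TLS|SSL)v[\d.]+) with cipher (?P<cipher>[\w-]+)"
)
MIN_VERSION = (1, 2)  # assumption: the policy floor is TLS 1.2

# Constructed sample lines (documentation addresses, made-up users).
SAMPLE = [
    "Oct 1 11:12:29 mx dovecot: imap-login: Login: user=<alice>, method=PLAIN, "
    "rip=::ffff:192.0.2.10, lip=::ffff:198.51.100.5, "
    "TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits), TLS",
    "Oct 1 11:13:02 mx dovecot: imap-login: Login: user=<bob>, method=PLAIN, "
    "rip=::ffff:192.0.2.20, lip=::ffff:198.51.100.5, "
    "TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits), TLS",
    "Oct 1 11:13:40 mx dovecot: imap-login: Disconnected (no auth attempts): "
    "rip=::ffff:192.0.2.30, lip=::ffff:198.51.100.5, TLS handshaking",
]

def proto_version(proto):
    """'TLSv1' -> (1, 0), 'TLSv1.2' -> (1, 2); any SSL version sorts below TLS."""
    name, _, num = proto.partition("v")
    parts = [int(p) for p in num.split(".")]
    if name == "SSL":
        return (0, parts[0])
    return (parts[0], parts[1] if len(parts) > 1 else 0)

def audit(lines):
    """Return (login count per protocol, logins negotiated below MIN_VERSION)."""
    tally, legacy = Counter(), []
    for line in lines:
        m = LOGIN_RE.search(line)
        if not m:
            continue  # not a successful TLS login line
        tally[m["proto"]] += 1
        if proto_version(m["proto"]) < MIN_VERSION:
            legacy.append((m["user"], m["rip"], m["proto"], m["cipher"]))
    return tally, legacy

if __name__ == "__main__":
    counts, old_clients = audit(SAMPLE)
    print(dict(counts))
    for entry in old_clients:
        print("below TLS 1.2:", *entry)
```

Run against the real log, the `legacy` list names the accounts that would lose mail access once TLS 1.0 is switched off.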

Oct 26, 2016 7:54 AM in response to Martin R. Lerch

Now this is all fine and well if you have a Mac that supports macOS 10.12. But how about the millions of users stuck at OS X 10.11.6? I think we need to contact Apple and urge them to bring out an OS update that includes an update for the Mail app on 10.11 to support TLS 1.1 and TLS 1.2. It would be irresponsible of Apple not to. Please, everybody, participate and post the request here: http://www.apple.com/feedback/mail.html


Thank you!
