pic8 does only one redirect once it has selected the best host (based on availability and speed).
Check out https://pic8.co/about to understand how it works.
Apple Safari on iPhone 6 Plus running iOS 8.4 FAILS to connect using HTTPS SSL to pic8.co but WORKS with catbox.moe. pic8.co also fails on other Apple machines. Its use of X25519 might be the problem with pic8.co on older browsers.
Its use of X25519 might be the problem with pic8.co on older browsers.
It’s the other way around. The issue is the older browsers that don’t support the most recent and secure SSL 1.3.
fails even with zero hops to naked url of
EDIT: Apple Safari on iPhone 6 Plus running iOS 8.4 FAILS to connect using HTTPS SSL to pic8.co but WORKS with catbox.moe. pic8.co also fails on other Apple machines. Its use of X25519 might be the problem with pic8.co on older browsers.
Apple does not like servers FORCED in web server code to only serve X25519 on port 443, and older Apple browsers prefer using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384 (BOTH secp521r1:secp384r1 should be allowed)
Suite B:
https://tools.ietf.org/html/rfc6460
Apple is being pedantic and strict and is trying to comply with Suite B. Suite B restricts the curves to P-256 and P-384.
TL;DR: pic8.co is broken for widespread HTTPS, and the catbox.moe web server is not broken, even though they both have the same exact identical types of SSL certs. It's a web server fuckup at pic8.co, and can be fixed with one line of change on the pic8 server to set "ssl_ecdh_curve" to secp521r1:secp384r1.
Catbox doesn’t use the same curve as pic8. It has a lower security level to be compatible with older browsers. Since pic8 doesn’t host the images, it could be set to support different older encryptions.
(post is archived)
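The curve setting argued over in this thread, written out as an added nginx example; it is not taken from any poster and is not the real configuration of pic8.co or catbox.moe. It assumes nginx 1.13.0 or later built against OpenSSL 1.1.1 or later, and the hostname and certificate paths are placeholders.

```nginx
# Added illustration, not pic8.co's or catbox.moe's real configuration.
# Assumes nginx >= 1.13.0 with OpenSSL >= 1.1.1 (needed for X25519 and TLS 1.3).

server {
    listen 443 ssl;
    server_name example.com;                           # placeholder hostname

    ssl_certificate     /etc/nginx/tls/fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/nginx/tls/privkey.pem;    # placeholder path

    # TLS 1.3 for current clients, TLS 1.2 for clients that predate it.
    ssl_protocols TLSv1.2 TLSv1.3;

    # Restrictive form, as the thread describes it: a single group.
    # A client whose supported-groups list does not contain X25519 shares
    # no group with the server, so the ECDHE handshake fails.
    # ssl_ecdh_curve X25519;

    # Compatible form: a colon-separated list. X25519 stays available to
    # clients that offer it; P-256 and P-384 cover clients limited to the
    # NIST curves.
    ssl_ecdh_curve X25519:prime256v1:secp384r1;
}

# Check after reloading nginx by offering only NIST curves over TLS 1.2,
# which approximates a client without X25519 support:
#
#   openssl s_client -connect example.com:443 -tls1_2 \
#       -curves prime256v1:secp384r1 </dev/null
#
# A completed handshake prints a "Server Temp Key" line naming the group
# that was negotiated; a handshake failure alert means no group was shared.
```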