Some Mastodon instances with higher security TLS configurations are not working in Tusky on Android 7.0. This is due to a regression in its system SSL library—fixed in Android 7.1—where the only supported elliptic curve is secp256r1.
As far as I know, there isn't anything that can be fixed on Tusky's part, aside from shipping its own SSL library, which is too big an undertaking.
Sorry to folks who can't use the app because of this.
@Tusky Darn :/ Thanks for looking into it and letting us know. Now I just have to hope that Nextbit will push an update to my phone in the near future.
@Tusky it's maybe possible to work around this by using the Google Play Services SecurityProvider on devices where it's supported https://developer.android.com/training/articles/security-gms-provider.html
@Tusky that reminds me of a bug in 4.2.2 where the OS refuses to renew certificates which have been expired. We had an entire user-base screwed after that whole GlobalSign fuckup with no solution other than "Buy a new phone". http://www.zdnet.com/article/globalsign-security-certificate-foul-up-knocks-out-secure-websites/