macOS 27 (due September 2026) will likely drop AFP file sharing and enforce TLS 1.2+ with ATS-compliant ciphers for MDM, app distribution, and Apple update servers.
Key Takeaways
AFP removal has been threatened since OS X Mavericks (2013); Apple silicon Macs upgrading to macOS 27 would lose Time Machine backups to AFP-only NAS devices.
Time Capsules (discontinued 2018, last shipped 2013) and legacy NAS systems that only support AFP are the primary failure point.
TLS changes apply to MDM, DDM, Automated Device Enrolment, app distribution, and Apple software updates; local Content Caching servers are exempt.
Apple published a network diagnostics logging profile and a sysdiagnose predicate to help admins surface ATS violations before the cutover.
Hacker News Comment Review
Commenters largely view the TLS 1.2 floor as overdue housekeeping, noting TLS 1.1 was deprecated industry-wide five years ago and the real friction is legacy enterprise MDM infrastructure, not the standard itself.
The AFP story is mostly a Time Capsule eulogy: the hardware has been unsupported since 2018 and a non-trivial population is still running Time Machine over AFP on decade-old units, with no SMB3 upgrade path short of new hardware.
A past Apple networking regression (mDNSResponder rewrite, reverted in 2015) surfaced as a cautionary note, with skepticism about whether Apple can execute clean removals without collateral breakage.
Notable Comments
@jychang: Built Samba 4 for Apple Time Capsule hardware, enabling SMB on the device as a potential AFP migration path.
@JumpCrisscross: Flags the Apple silicon + AFP-only NAS trap as a possible product opportunity for a SMB3 bridge or NAS firmware update.
