What you need to know
- Safari will soon warn users of websites whose TLS/SSL certificate is more than 398 days old.
- The change kicks in for certificates issued from September 1st.
- Some websites currently use multi-year certificates.
Soon, Safari will warn users when a website they're visiting is using a TLS/SSL certificate that is valid for more than 398 days. The certificate doesn't need to have expired, either. Any certificate that was valid for more than 398 days when it was issued will automatically be flagged by the browser.
This comes following the 49th CA/Browser Forum in Slovakia, with The Register reporting that the aim is simple – ensure that web developers are using the latest certificates and technology available. Before this move, developers could asign certificates for multiple years, potentially using technology that is long out of date.
The aim of the move is to improve website security by making sure devs use certs with the latest cryptographic standards, and to reduce the number of old, neglected certificates that could potentially be stolen and re-used for phishing and drive-by malware attacks. If boffins or miscreants are able to break the cryptography in a SSL/TLS standard, short-lived certificates will ensure people migrate to more secure certs within roughly a year.
But it isn't all good news, although those likely to face issues are those in charge of websites themselves. They probably aren't all that keen on the idea of being forced to update their certificates sooner than was previously required. Tim Callan, of SSL management firm Sectigo, told The Register that more certificate replacements means an increased chance of something going wrong.
Companies need to look to automation to assist with certificate deployment, renewal, and lifecycle management to reduce human overhead and the risk of error as the frequency of certificate replacement increases.
Currently, both GitHub and Microsoft use two-year certificates, with microsoft.com set to be renewed in October. If Microsoft continues its two-year policy, expect to see Safari tell you that the website isn't secure.
Apple VP Deirdre O’Brien talks adjusting Apple Retail during the pandemic
O'Brien talked about the company's experience in adapting its business to the pandemic at the Fortune Brainstorm Tech virtual conference.
Julianna Margulies, star of 'The Good Wife,' signs on to 'The Morning Show'
Margulies, who has earned nominations for 10 Emmy Awards and 12 Golden Globe Awards, will star alongside Witherspoon and Aniston.
Cast your vote for the best products of the year for the Future Tech Awards
We’re asking iMore readers, to vote on the best products and professionals in multiple categories to help us honor the ground-breaking innovations at the Future Tech Awards.
Find love with these dating simulators on Nintendo Switch
Love is always in the air when you're playing a dating simulator game. Here are the best ones for Nintendo Switch.