Apple has announced that its Safari browser will stop accepting HTTPS certificates that are valid for more than 13 months or 398 days, and this will come into force later this year.
These HTTPS certificates are designed to ensure that your connection to a website is secure, providing encryption that protects data exchanged between the user’s browser and the website. Many companies are currently using certificates that are valid for longer than Apple’s new restrictions, often extending up to two years or more.
For example, websites like Microsoft and others are using HTTPS certificates which are valid for up to two years. When these new rules come into force, Apple’s Safari will reject these websites if their certificates exceed the 398-day validity period. This change is significant because it will require website administrators to update their certificates more frequently, ensuring they adhere to the latest security standards.
Why Apple is Making This Change
Apple’s decision to limit the validity of HTTPS certificates to 13 months is rooted in enhancing security. Shorter certificate lifespans mean that compromised or outdated certificates are phased out more quickly, reducing the risk of security breaches. This move aligns with industry trends towards shorter certificate lifespans, which are seen as a proactive measure to maintain robust security practices.
Moreover, shorter certificate durations encourage website owners to stay up-to-date with the latest encryption technologies and security protocols. This is crucial in an era where cyber threats are constantly evolving, and older certificates may not offer the same level of protection as newer ones.
Impact on Website Owners and Users
This change will come into force on Safari from the 1st of September 2020. Any website using a certificate that is valid for more than 398 days will automatically be rejected by Safari. This means that website owners will need to ensure their certificates are updated within this new timeframe to avoid disruptions for users accessing their sites via Safari.
For website owners, this could mean an increase in administrative tasks, as they will need to renew their certificates more frequently. However, many certificate authorities offer automated renewal services, which can help mitigate the additional workload. It’s also an opportunity for website owners to review their security practices and ensure they are using the most up-to-date and secure certificates available.
For users, this change should result in a more secure browsing experience. With certificates being updated more frequently, the likelihood of encountering a compromised or outdated certificate is reduced. This enhances the overall security of web interactions, protecting sensitive information such as login credentials, personal data, and financial information.
In conclusion, while Apple’s decision to limit HTTPS certificate validity to 13 months may require some adjustments from website owners, it is a positive step towards enhancing online security. By ensuring that certificates are updated more frequently, Apple is helping to protect users from potential security threats and encouraging best practices in website security.
Source The Next Web
Image Credit: ID5
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.