INSUBCONTINENT EXCLUSIVE:
Apple has unveiled a new policy, which will go into effect later this year, that will prevent its Safari browser from accepting new HTTPS
certificates that expire more than 13 months after their creation date.As a result of the new policy, any website using long-life SSL/TLS
certificates issued after the cut-off point will lead to privacy errors being displayed in the iPhone maker's browser.Apple debuted the
new policy at a recent Certification Authority Browser Forum (CA/Browser) meeting in Slovakia
According to people who attended the meeting, from September 1st any new website certificate valid for more than 398 days will not be
trusted by Safari and will be rejected
However, older certificates issued before this deadline, will not be affected by this new rule.Since Apple has made the decision to
implement this new policy in Safari, the company will effectively have to enforce it on all devices running either iOS or macOS
This means that developers and website administrators will be forced to ensure that their certificates meet Apple's requirements or
they'll risk losing many visitors to their sites.Apple, Google and other members of CA/Browser have considered cutting certificate lifetimes
for months but the policy comes with benefits as well as drawbacks.The main goal of the policy is to help improve website security by
ensuring that developers use certificates with the latest cryptographic standards while also reducing the number of old certificates that
could potentially be stolen and re-used by cybercriminals launching phishing campaigns or malware attacks.By increasing the frequency of
certificate replacements, Apple will be making life more difficult for site owners as well as businesses that have to manage these
certificates and compliance.While Apple has yet to make a public announcement regarding its new policy, Digicert's Dean Coclin provided
to be trusted by Safari, you will no longer be able to issue publicly trusted TLS certificates with validities longer than 398 days after
Any certificates issued before Sept
1, 2020 will still be valid, regardless of the validity period (up to 825 days)
