Security News > 2020 > July > Mozilla Joins Apple, Google in Reducing TLS Certificate Lifespans

Mozilla Joins Apple, Google in Reducing TLS Certificate Lifespans
2020-07-14 03:48

Mozilla is the latest browser maker to have announced updated policies that would reduce the lifetime of TLS certificates.

Currently, SSL/TLS certificates have a maximum lifespan of 825 days in an attempt to ensure better protection of HTTPS connections, browser makers such as Apple, Google and Mozilla are looking into reducing that period to 398 days.

"This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS. Additionally, this change will affect only TLS server certificates issued on or after September 1, 2020; any certificates issued prior to that date will not be affected by this change," Apple said.

"In preparation for updating our root store policy, we surveyed all of the certificate authorities in our program and found that they all intend to limit TLS certificate validity periods to 398 days or less by September 1, 2020," the organization notes.

Most CAs have already announced plans to limit the TLS certificate validity, but many complained that having to issue certificates more often creates additional burden on them.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/OAeuiguvZec/mozilla-joins-apple-google-reducing-tls-certificate-lifespans