Security News > 2020 > July > Mozilla Joins Apple, Google in Reducing TLS Certificate Lifespans
Mozilla is the latest browser maker to have announced updated policies that would reduce the lifetime of TLS certificates.
Currently, SSL/TLS certificates have a maximum lifespan of 825 days in an attempt to ensure better protection of HTTPS connections, browser makers such as Apple, Google and Mozilla are looking into reducing that period to 398 days.
"This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS. Additionally, this change will affect only TLS server certificates issued on or after September 1, 2020; any certificates issued prior to that date will not be affected by this change," Apple said.
"In preparation for updating our root store policy, we surveyed all of the certificate authorities in our program and found that they all intend to limit TLS certificate validity periods to 398 days or less by September 1, 2020," the organization notes.
Most CAs have already announced plans to limit the TLS certificate validity, but many complained that having to issue certificates more often creates additional burden on them.
News URL
Related news
- How Google’s 90-day TLS certificate validity proposal will affect enterprises (source)
- Google Chrome's new post-quantum cryptography may break TLS connections (source)
- Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices (source)
- Google, Apple gear to raise tracking tag stalker alarm (source)
- Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android (source)