Safari Tightening Up on SSL

Apple has always placed a lot of emphasis on the requirement of SSL certificates on all websites.

Now they are introducing a new policy on SSL, which will prevent the Safari browser from accepting HTTPS certificates that expire more than 13 months after their date of creation.

This change will be implemented soon, and will be rolled out across all devices, which means that developers and website administrators will have to conform to Apple’s new requirements.

If they don’t, they risk losing traffic to their website, as sites that don’t meet the regulations will not appear on the Safari browser.

Apple is not the only tech giant that has been looking into cutting certificate authorisation lifespans.

Google and Microsoft have also considered this move, but it looks like Apple was the first to take the leap and make it happen.

The idea behind the policy is to make sure that developers are using the latest encryption standards, as well as reducing the number of older certificates in circulation.

These old certificates are at a higher risk of being stolen or re-used by cybercriminals.

The date set for the implementation of this new policy is 1st September this year.

This means that any certificates issued after this date that have an authorisation period of longer than 398 days will not be trusted by Safari and will not be displayed.

Luckily, certificates issues before this date that have longer validities of over 400 days will still be trusted.

However, the maximum validity period is set at 825 days, so a certificate with this amount of cover that is issued before the cut off date will still be allowed on Safari.

These changes are good to see, and in a world where the threat of cyber crime is always a problem, we must constantly challenge the measures we have in place.