Apple may have just changed a key part of how the internet works

News
By published

Chrome and Firefox following divisive Apple Safari security decision

(Image credit: Shutterstock / Ico Maker)

A central part of the system keeping the internet secure looks set to change for good thanks to a decision made months ago by Apple.

The company declared in February 2020 it would start accepting a new default lifespan of 398 days for TLS certificates - the encryption service that protects web data - going against the existing system set by the Certificate Authority industry.

Now, Google and Mozilla are set to follow suit, meaning the companies behind three of the leading browsers on the market today are changing the way internet security operates.

Apple TLS certificates

Back in February, Apple said that it would be reducing the maximum allowed lifetimes of TLS server certificates of its own accord. The company said that doing so would help improve web security for its users, as this would help weed out bad or insecure TLS certificates which had been affected by cybercrime or malware.

However Apple's actions go against precedents set down by the the CA/B Forum, an industry body made up of representatives from browsers and Certificate Authorities (CAs) alike, and the organisation that usually dictates these lifespans. 

CAs are the companies that issue TLS certificates, the lifespans of which have increasingly shortened in recent years as the need for greater online security grows.

When first introduced, TLS lifespans were eight years long, before gradually falling to two years under pressure from tech firms. With more sites being hit by cyberattacks, and the sheer number of websites across the internet continuing to grow exponentially, the need for flexible and effective TLS certificates to keep pages secure is greater than ever.

Securing websites with HTTPS systems goes a long way to ensuring these protections stay in place, but Apple, Mozilla and Google hope that combining this with shorter TLS certificates might make the job of a hacker harder than before.

The issue now seems decided, with individual CA providers protesting but unable to do much about the stance of Apple and its fellow tech firms. 

So from September 1 2020, users may start to see more HTTPS errors in their browser, but can be reassured that this should mean their connections are arguably more secure - at least in Apple's eyes.

Via ZDNet

TOPICS
Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Oracle
Oracle denies data breach after hacker claims to hold six million records
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
Latest in News
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
A phone showing a ChatGPT app error message
ChatGPT was down for many – here's what happened
AirPods Max with USB-C in every color
Apple's AirPods Max with USB-C will get lossless audio in April, but you'll need to go wired
A woman sitting in a chair looking at a Windows 11 laptop
It looks like Microsoft might have thought better about banishing Copilot AI shortcut from Windows 11
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
More about security
Lock on Laptop Screen

Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg

Key trusted Microsoft platform exploited to enable malware, experts warn
Cassian Andor looking nervously over his shoulder in Andor season 2

New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
See more latest
Most Popular
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
A screenshot from Indiana Jones and the Great Circle showing Indiana Jones
Indiana Jones and the Great Circle finally gets PS5 release date and I can't wait to don the fedora and crack the whip
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 25 (game #387)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 25 (game #653)
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 25 (game #1156)
AirPods Max with USB-C in every color
Apple's AirPods Max with USB-C will get lossless audio in April, but you'll need to go wired
US flags
US government IT contracts set to be centralized in new Trump order