Techly NewsGet the app

Get the latest tech news

Sysadmins Rage Over Apple's 'Nightmarish' SSL/TLS Cert Lifespan Cuts


The Register's Jessica Lyons reports: Apple wants to shorten SSL/TLS security certificates' lifespans, down from 398 days now to just 45 days by 2027, and sysadmins have some very strong feelings about this "nightmarish" plan. As one of the hundreds that took to Reddit to lament the proposal said: ...

If approved, it will affect all Safari certificates, which follows a similar push by Google, that plans to reduce the max-validity period on Chrome for these digital trust files down to 90 days. ... [W]hile it's generally agreed that shorter lifespans improve internet security overall -- longer certificate terms mean criminals have more time to exploit vulnerabilities and old website certificates -- the burden of managing these expired certs will fall squarely on the shoulders of systems administrators. [...] Even certificate provider Sectigo, which sponsored the Apple proposal, admitted that the shortened lifespans "will no doubt prove a headache for busy IT security teams, juggling with lots of certificates expiring at different times."

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Apple

Apple

Photo of sysadmins

sysadmins

Related news:

News photo

Apple Announces New, Faster iPad Mini Built For Apple Intelligence

News photo

Sysadmins rage over Apple’s ‘nightmarish’ SSL/TLS cert lifespan cuts

News photo

Apple Releases New AirPods Pro 2 Beta Firmware

« Python 3.14 Alpha 1 Released With Early Changes
Millions of people are creating nude images of pretty much anyone in minutes using AI bots in a ‘nightmarish scenario’ »