In February, Apple implemented a rule in Safari in which TLS certificates have a lifespan of 398 days. According to ZDNet, Apple made this decision on its own without going through the standard procedure with certificate authorities.
Instead of calling for a vote, Apple simply announced its decision to implement 398-day lifespans on its devices, regardless of what the CAs in the CA/B Forum thought of the issue.
What took place this year is, in no simpler words, a demonstration that browser makers control the CA/B Forum, and that they hold full control of the HTTPS ecosystem, and that CAs are merely participants with no actual power.
Check It Out: How Apple Disrupted Certificate Authorities With Safari
