In February, Apple implemented a rule in Safari in which TLS certificates have a lifespan of 398 days. According to ZDNet, Apple made this decision on its own without going through the standard procedure with certificate authorities.

Instead of calling for a vote, Apple simply announced its decision to implement 398-day lifespans on its devices, regardless of what the CAs in the CA/B Forum thought of the issue.

What took place this year is, in no simpler words, a demonstration that browser makers control the CA/B Forum, and that they hold full control of the HTTPS ecosystem, and that CAs are merely participants with no actual power.

Check It Out: How Apple Disrupted Certificate Authorities With Safari

Add a Comment

Log in to comment (TMO, Twitter, Facebook) or Register for a TMO Account