Safari plans to chop down TLS Certificate validity to boost Security

Starting 1st September 2020, Safari announced to cut down the TLS Certificate validity to one year or 398 days including the renewal grace period. That means any certificate issued after 1 September with more than 398 days of validity will be rejected by Apple’s Safari browser.

It is a bold move aim to improve the web security, forcing devs to use Certificates with latest cryptographic standards. Effectively it reduces the time period in which a old neglected certificate can be exploited.

However it also mean the hassle of renewing certificate and handling/renewing private key securely. Renewing process can be automated but still lot of people do it manually for various reason.

Comments