So far, SSL / TLS certificates have a maximum lifespan of 825 days. However in an effort to ensure better connection protection HTTPS, browser makers such as Apple, Google and Mozilla are considering reducing this period to 398 days.
The first to make this move was Apple, which he said earlier this year that from September 2020, TLS certificates should be valid for up to 398 days.
"This change will only affect TLS certificates issued by Root CAs pre-installed with iOS, iPadOS, MacOS, watchOS and tvOS. "In addition, this change will only affect TLS server certificates issued after September 1, 2020. Any certificates issued before that date will not be affected by this change," the company said.
And Google announced last month that it would follow in Apple's footsteps Chrome, also from September 1, 2020. The company will reject certificates that violate its new policy.
Now Mozilla says it is also ready to take a similar step, explaining that the move will have many benefits for safety and privacy: certificates that use outdated or weak algorithms will be removed faster, there will be fewer interruptions, and exposure will be reduced. In addition, some impersonation attacks are likely to be mitigated in this way.
"As we prepare to update our root store policy, we have researched all the Certification Authorities (CAs) in our program and found that they all intend to limit the validity periods of the TLS Certificate to 398 days or less by September 1, 2020," he said. The company.
So far, Microsoft is the only major technology company that has not yet made such a move, but as things stand, so will it.