[Cryptography] Apple's 13-month certificate policy
John-Mark Gurney
jmg at funkthat.com
Sat Feb 22 18:55:51 EST 2020
Patrick Chkoreff wrote this message on Sat, Feb 22, 2020 at 18:23 -0500:
> Henry Baker wrote on 2/22/20 12:04 PM:
>
> > https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/
> ...
> > We note Let's Encrypt issues free HTTPS certificates that expire after
> > 90 days, and provides tools to automate renewals, so those will be
> > just fine â?????? and they are used all over the web now.
>
> Yes, the auto-renewal works beautifully and eliminates a world of
> headaches. I suspect that Apple's move will accelerate the adoption of
> Let's Encrypt, now that everyone will have to renew more often.
Or at least force other CA's to adaopt the ACME api to issue certs.
Overall, it's a good thing, and IMO, even 90 days is a bit long. With
automated renewal, 7-30 days is more than long enough.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list