Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Encryption Safari Security Apple

Safari Will Stop Trusting Certs Older Than 13 Months (theregister.co.uk) 115

"Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date..." writes the Register.

Long-time Slashdot reader nimbius shares their report: The policy was unveiled by the iGiant at a Certification Authority Browser Forum (CA/Browser) meeting on Wednesday. Specifically, according to those present at the confab, from September 1, any new website cert valid for more than 398 days will not be trusted by the Safari browser and instead rejected.

Older certs, issued prior to the deadline, are unaffected by this rule.

By implementing the policy in Safari, Apple will, by extension, enforce it on all iOS and macOS devices. This will put pressure on website admins and developers to make sure their certs meet Apple's requirements — or risk breaking pages on a billion-plus devices and computers... The aim of the move is to improve website security by making sure devs use certs with the latest cryptographic standards, and to reduce the number of old, neglected certificates that could potentially be stolen and re-used for phishing and drive-by malware attacks... We note Let's Encrypt issues free HTTPS certificates that expire after 90 days, and provides tools to automate renewals.

This discussion has been archived. No new comments can be posted.

Safari Will Stop Trusting Certs Older Than 13 Months

Comments Filter:
  • self signed certificate internal use may be an mess.

    • by EvilSS ( 557649 )
      They already are. It's sometimes an interesting exercise to find what browsers will at least let me decide to trust a self signed cert on some admin interface for a piece of hardware. Some just downright refuse and won't give you an option anymore for some certs.
      • by arglebargle_xiv ( 2212710 ) on Sunday February 23, 2020 @11:24PM (#59759226)
        Yup. What this is in effect saying is "Safari opts out of being usable to administer network devices/SCADA/embedded stuff/etc". Admittedly that's not a big market for them since, in my experience, it's almost always done from Windows or occasionally Android, but still, it's a pretty boneheaded move that offers no security benefit while producing a lot of pointless breakage.
        • I wasnâ(TM)t able to find a specific source from Apple, which would of course be preferable; but I though that the wording of Digicertâ(TM)s announcement may imply more nuance:

          Apple announced that beginning Sept. 1, newly issued publicly trusted TLS certificates are valid for no longer than 398 days.

          The statement is specifically âpublicly trustedâ(TM) TLS certificates, rather than just âTLS certificatesâ(TM). This could mean that certs derived from commercial CAs trusted
    • by msauve ( 701917 )
      Good luck trying to update an older device to recent tech, when not only do big brother browsers require https, but now this. And that applies to both consumer and enterprise stuff.

      Remember the Apple "1984" commercial? Apple (and Google too) is the new Big Brother. In a year, we can celebrate the first glorious anniversary of the Information Purification Directives.
    • Does anyone actually use Safari?
  • this will make apples app store only suck even more

  • ... (Two! Two mints in one!) expire after one year.

  • by Retired ICS ( 6159680 ) on Sunday February 23, 2020 @01:50PM (#59757282)

    Apple buys a Certificate Authority so it can cash in on the movement towards "short term" Certificates.

    "There's Gold in them thar Certificates", Tim Cook announced, "because now people will pay the same price as they used to in order to buy a bloody big integer good for only one year, whereas in the old days, a bloody big integer was good for three years. Apple is moving to take advantage of this new trend in the bloody big integer marketplace."

    • Apple buys a Certificate Authority so it can cash in on the movement towards "short term" Certificates.

      "There's Gold in them thar Certificates", Tim Cook announced, "because now people will pay the same price as they used to in order to buy a bloody big integer good for only one year, whereas in the old days, a bloody big integer was good for three years. Apple is moving to take advantage of this new trend in the bloody big integer marketplace."

      Did you read the summary?

      The aim of the move is to improve website security by making sure devs use certs with the latest cryptographic standards, and to reduce the number of old, neglected certificates that could potentially be stolen and re-used for phishing and drive-by malware attacks.

      They have a point. But please feel free to explain to us why keeping years old certificates with outdated crackable cryptography in use is a good thing for everybody.

      • You are assuming that 13 month+ cryptography is cracked by default.

        Speeding up the process isn't much better. When having to move faster like that, and you'll introduce more bugs and errors due to trying to move faster in a time crunch. (Or sites might just drop HTTPS, and default back to http as it is easier for them)

        Newer isn't always better. Time-tested can be a better option.

        As per the article:

        It has been noted that by increasing the frequency of certificate replacements, Apple and others are also making life a little more complicated for site owners and businesses that have to manage the certificates and compliance. "Companies need to look to automation to assist with certificate deployment, renewal, and lifecycle management to reduce human overhead and the risk of error as the frequency of certificate replacement increase

        So either the sites have to do it themselves (which I pointed out the issues there), or outsource it to another

        • by Junta ( 36770 )

          So I don't like a browser unilaterally deciding to ignore the certificates expiry, but there seems to be a likelihood that CAs will go down this route. All that said, the same forces driving no-more-than-year certs will also drive 'screw your http without tls' experience, so there is unlikely to be a big move away from https.

          A new certificate does not necessarily mean new cryptography. The signature has moved to SH256/SHA512, but other than that, the certs are largely generated much the same way they were

          • The biggest risk for old certs is that the private keys are generally lying around on disk storage somewhere unencrypted and will likely walk out the door unprotected one day.. Additionally, some vulnerability manages to give an attacker a copy of a private key without the cert owner even knowing. Capping the validity of those unknown exposures is some mitigation.

            I have never once in my entire life witnessed any CA reject a CSR request because the same private key as last time was used to reissue it. There isn't even a protocol to communicate past keys across all of the global overlapping trust anchors.

            Capping validity without enforcing an arbitrary constraint on private key reuse undermines this entire argument. It becomes just another lame excuse for otherwise indefensible behavior.

            • by Junta ( 36770 )

              Sure, strictly speaking someone could just reuse same private keys unless the CAs all track previously signed public key and reject attempts to reuse (which I wouldn't be surprised if they do start doing just that).

              That said, it is at least fairly likely that a strategy to generate a new CSR will have the organization doing a new key. It's not really any easier to reuse the same key (you have to replace the certificate file everywhere, might as well replace the existing key), and I think most people would

      • If there's a problem with the cryptography, the certificate can be reissued with new cryptography. It doesn't change the expiration date (by much anyways, may shift it a day or two later), so no, they don't have a point.
      • They have a point. But please feel free to explain to us why keeping years old certificates with outdated crackable cryptography in use is a good thing for everybody.

        When intermediate certificates no longer have over a decade of validity to say nothing of roots pushing thirty years come back and make the same arguments.

        Currently what's the limit you can get from a CA ...2 years validity tops?

        Hard to believe such ridiculous arguments are seriously being offered.

      • They have a point. But please feel free to explain to us why keeping years old certificates with outdated crackable cryptography in use is a good thing for everybody.

        Apple's policy has nothing to do with whether or not a particular algorithm or protocol has vulnerabilities. It's perfectly understandable that a browser would refuse to use known vulerable protocols or algorithms, but that is independent of rejecting the certificate outright. Apple's policy doesn't even have anything to do with the age of the certificate. They're saying they'll reject a brand new certificate, using only the latest algorithms, just because it's specified that it will be valid for 13 mont

    • by AmiMoJo ( 196126 )

      For years now most certificate authorities have been offering a new cert on a regular basis at no additional cost. There is even a protocol to automate the updates called ACME.

      It's been good practice to keep certificate lifetimes down for a long time now.

  • This is bullshit (Score:5, Insightful)

    by SirAstral ( 1349985 ) on Sunday February 23, 2020 @01:52PM (#59757296)

    SSL certs for any amount of time should be just fine. This is just a fucking gimmick to increase revenue for the Commercial CA providers, which is already a fucking farce as it is. The amount of effort necessary to maintain a CA is very low and is sure as fuck has never justified the cost of many Certificates.

    The correct solution for when a cert become compromise should be Revocation, but naturally this infrastructure was built like shit so it is not very reliable. As long as a Cert is not Revoked it should be considered as good.

    A Certs validity period only serves as the same bullshit security theater logic that requires people to change their password periodically.

    Like a password... a certificate is secure until it is compromised and requiring a frequent change is High Effort and Low Value process that only encourages people to become less secure not more. You can only push so hard before your efforts start to fucking backfire!

    • by Tensor ( 102132 )
      wish i had mod ponts.
    • Comment removed based on user account deletion
    • Re: (Score:3, Insightful)

      by darkain ( 749283 )

      The problem is KNOWING that a cert has been compromised, which isn't always detected in time. The whole point of expiration is that there are not old and potentially compromised certs laying around everywhere.

      Sure, it would be *GREAT* to live in an ideal world where we got notifications every single time a cert is used in every single case, and could issue revocations from actively monitoring every single interaction with the cert and using that to detected non-sanctioned usages... But if we truly lived in

      • If you want to use an arbitrarily short time frame on your cert that is fine. In fact as the person requesting the cert I hope that you have a good reason for it and I am going to trust you to request that.

        But this is different than the industry forcing you because they said so.

        I also do not have a problem with using expiry for marking when certs do not want to be used past a certain time frame so you do not have to keep a large CRL, but that is not this.

        If you plan on being up a long time... then there is

      • And what if a CA certificate is compromised?

        • What if it is? The majority of CA and Intermediate certificates I've looked at have 10 or 20 year life times. How the hell is that secure when customers are forced to refresh certs every 1 or 3 years? (Now 1 year.)
      • The problem is KNOWING that a cert has been compromised, which isn't always detected in time. The whole point of expiration is that there are not old and potentially compromised certs laying around everywhere.

        The problem with this argument is CAs accept CSRs signed with the same private key used earlier.

        If the vector you are concerned about is operator unaware of compromise this measure not only fails to protect against an ongoing persistent attack it also fails to protect against continuation of benefits from an earlier one-time compromise even AFTER a new cert is issued.

    • Commercial CA providers. Both of them. There is Sectigo and DigiCert, all others are just brands.

    • by Bert64 ( 520050 )

      The commercial providers are dying out, letsencrypt provides free certificates which work just as well and generally have better automation.

    • who pays for certs any more?

      seriously, what is this, 2002?

    • Serious question: at this point, why would anyone pay more than $10 a year for a cert?
    • You can only push so hard before your efforts start to fucking backfire!

      I'd like to believe that, but remember what happened to Equifax. The whole leak thing was a PR trainwreck, but nobody seemed to care and the company's profitability has actually gone up.

      This is for SECURITY. That means it's good by default and you can't dare argue against it. Everyone knows that.

  • I never thought I would utter the catch-phrase "Certificate-Industrial Complex."

    • Good name... Public CA has always been a scam and CA Compromises like Comodo were proof of it. And how long did it take for that to be resolved?

      The Comodo compromise outed both he industry and consumers as ignorant and stupid sitting ducks. Consumers needs to stop bitching about getting fucked around... they seem to love it.

  • Comment removed based on user account deletion
    • i for one always do 1 year because pricing changes and 2-3 year is too long

      The entire CA industry stopped issuing 3 year certs on March 1, 2018. The maximum validity period for publicly trusted SSL certificates is currently 825 days.

  • by sphealey ( 2855 ) on Sunday February 23, 2020 @02:00PM (#59757348)

    What is that supposed to achieve? Renewing and installing a certificate is itself a high-risk activity, and demanding it be done more often is likely to lead to more failures of the trust chain. I'm reminded of the Gateway Arch National Park that was changing the elevator cables that run up the leg of the Arch every 5 years; when one of them broke (fortunately no one was hurt) the elevator cable company's response was basically "you idiots: those are designed to last 50 years. Stop messing with them".

    • by Njovich ( 553857 )

      Make sure the latest CIA/NSA backdoors are included.

    • Renewing and installing a certificate is a high-risk activity when it's done irregularly.

      Huge numbers of certificates are changed at 90 days or less without problems, specifically because people have put in the work to make it a low-risk, automated activity.

  • You mean to tell me there are still people using the Safari browser?

    • Re:Safari? (Score:4, Informative)

      by darkain ( 749283 ) on Sunday February 23, 2020 @02:17PM (#59757436) Homepage

      Literally everyone on iPhones. Even if you use "another browser", it is just framed Safari.

    • You mean to tell me there are still people using the Safari browser?

      I use it, actually. I switched away from Firefox several years ago when it seemed like Mozilla was shooting itself in the foot every other week. I’ve stuck with it because Safari’s developer tools are surprisingly good.

      • I still have a Safari installer for Windows but haven't installed it anywhere in years. The hardware dongle needed to run modern Safari just isn't worth it.

        • The hardware dongle needed to run modern Safari just isn't worth it.

          It took me a couple seconds to grok this, but then I laughed.

  • by sjames ( 1099 ) on Sunday February 23, 2020 @02:18PM (#59757438) Homepage Journal

    I guess Safari will no longer be usable for talking to actually secure embedded devices.

    • by AmiMoJo ( 196126 )

      They should be using ACME. https://en.m.wikipedia.org/wik... [wikipedia.org]

      • by sjames ( 1099 )

        I don't let the management systems of my servers talk to anything off of the management lLAN at all, certainly not a certificate authority. They don't even have a potential route out if I can help it.

        That's a good policy for less formal LANs, such as a home as wel, I fave a few devices at home that are configured via a web browser, but they do not talk to the outside world EVER.

        This is a case of idiots who think they know better than the rest of the world destroying security in the name of security.

        The whol

        • by AmiMoJo ( 196126 )

          You can accept the self signed certificate. I don't know if Safari lets you permanently accept it, Firefox and Chrome do.

          • by sjames ( 1099 )
            Chrome doesn't seem to offer permanent acceptance anymore. At the same time, it doesn't make it convenient to examine the cert before accepting it.
            • by Strider- ( 39683 )

              It doesn't. Furthermore, it won't use its password management tools on a site with an clicked through certificate, forcing people to use easily remembered/guessed passwords for all that internal stuff they really shoudl be keeping more secure. But it will still use its password manager for unencrypted sites, go figure.

            • by AmiMoJo ( 196126 )

              It does, they just made is harder to do. You have to export the certificate and then import it to your local storage.

            • If you want permanent acceptance from Chrome donâ(TM)t you just add the cert as trusted through your OSâ(TM) mechanism for doing so?

              Unless theyâ(TM)ve gone really hardass recently they wonâ(TM)t even throw up the âdo you want to visit this terrible den of deception?â(TM) screen if the cert is trusted, whether by descent from a trusted root or individually. The ability to tell the browser to go ahead anyway is a convenience feature, since groveling around in the cert store is
              • by sjames ( 1099 )

                Only in the sense that it's perfectly acceptable if you have to jack your car up and drop the gas tank in order to fill it. After all, if we make it any easier, people might do it without paying for the service^W^W^W^W^W^W^Wfill it with water. What's next, rip out the configuration menus and files and if you want to change anything, edit the source and recompile?

        • you don't need to run acme on the web server. you can retrieve the certs using sideband auth and ship the certs using whatever secure means you desire.

    • The concept of an embedded device that is actually secure sounds interesting. Is someone somewhere contemplating building such? If so, are they seriously contemplating accessing it with a web browser?

  • by whoever57 ( 658626 ) on Sunday February 23, 2020 @02:23PM (#59757454) Journal

    EditorDavid's headline is wrong.

    The story is that Safari won't accept certificates with an expiration that is more than 13 months from their issue date. So, if you get a new 2 year certificate after the cutoff date, Safari won't accept it immediately.

    Nothing to do with age and all to do with length of validity.

    • I don't understand this as anything but a ploy to annoy users.
      • by ufgrat ( 6245202 )

        To hell with the users. My enterprise defaults to two year certs, and ever since the SHA-1 debacle, we've been trying to space them out so they aren't all expired the same week. We've literally got hundreds of them.

        If hate can be weaponized, expect the Apple campus to spontaneously explode one day.

        • by guruevi ( 827432 )

          You should really move to an automated system to renew your certificates. More than likely in the next few years a CA or an intermediary will be breached requiring you to immediately replace them all in a matter of hours or days. It's happened before, it will happen again.

          If you're managing more than one website and still have to manually manage your certs, you're probably forgetting some.

          • You should really move to an automated system to renew your certificates.

            Unnecessary connectivity is an unnecessary security risk. When I renew I also shop around to avoid being ripped off as much as possible.

            More than likely in the next few years a CA or an intermediary will be breached requiring you to immediately replace them all in a matter of hours or days.

            Perhaps but probably not mine so no action would likely be required of me.

  • by rossz ( 67331 ) <ogreNO@SPAMgeekbiker.net> on Sunday February 23, 2020 @04:48PM (#59758194) Journal

    Apple does not get to set the standard for certificates, yet they are attempting to do so by having their browser ignore standards and implement their own. A technique they are stealing from Microsoft. The goal is to generate more money selling certificates, not to improve security. If security were truly the heart of the issue, their browser would issue a warning when a cert is using a bad encryption method, which has nothing to do with the age of the cert.

    • by divide overflow ( 599608 ) on Sunday February 23, 2020 @05:50PM (#59758432)

      The goal is to generate more money selling certificates, not to improve security.

      Apple isn't a certificate authority and doesn't make a cent from certs. There is no monetary upside to this for Apple.

      • Re: (Score:2, Interesting)

        by Bert64 ( 520050 )

        Not only that, but shorter renewal times will encourage people to move to certificate providers with better automation - eg letsencrypt. I have a bunch of certs with them which renew every 90 days, the process is entirely automated and the certs get auto renewed a couple of weeks before they expire.

        • Not only that, but shorter renewal times will encourage people to move to certificate providers with better automation - eg letsencrypt. I have a bunch of certs with them which renew every 90 days, the process is entirely automated and the certs get auto renewed a couple of weeks before they expire.

          Correct. Moreover, Let's Encrypt is *FREE* so the commercial certificate authorities lose money as their business model collapses. The story is more like what happened to newspaper's classified advertisement revenue post-Craigslist.

      • Yup, but we *love* jumping to conclusions before Apple explains. What I thought was funny is that slashdot is accepting Apple articles from "The Register" -- those always read like they're holding a huge short position on Apple or Steve Jobs stole the owners girlfriend in highschool . . .
    • by EvilSS ( 557649 )

      Yet another Apple money grab

      Care to walk us through how this is an Apple money grab? Like literally show me the money trail here because I'm not seeing it.

  • by WaffleMonster ( 969671 ) on Sunday February 23, 2020 @06:43PM (#59758604)

    There was a vote and Apple lost handily. So naturally they had to go ahead and leverage their position in order to get their fucking way instead.

    It's insane what anti-trust violations Apple is allowed to get away with. Locked down app stores, draconian limitations preventing competing browsers and software that displease Apple. The more power is allowed to be aggregated into the hands of the few the more corruption always follows.

    The issue doesn't matter. Everyone can think it was a good idea or a bad idea. I don't give a f*** makes no difference. One company should not be allowed to have the power to unilaterally dictate terms to the world period.

    • One company should not be allowed to have the power to unilaterally dictate terms to the world period.

      They don't. You just need the courage to vote with your wallet and stop using that company. It's not like the entire world is stuck with the Safari browser.

      This situation is more like Tesla telling all their customers that they need to bring their keyless ignition fobs into a dealer every 13 months to get the code updated. Inconvenient as hell for their customers but they don't have the power to unilaterally dictate terms to the world. After about a year of this nonsense, their customers will just pur

      • They don't. You just need the courage to vote with your wallet and stop using that company. It's not like the entire world is stuck with the Safari browser.

        Do you seriously think myself or anyone will be able to go to any CA and get a 2 year cert after this? Do you think they would dare issue it knowing the complaints that will follow?

        This situation is more like Tesla telling all their customers that they need to bring their keyless ignition fobs into a dealer every 13 months to get the code updated. Inconvenient as hell for their customers but they don't have the power to unilaterally dictate terms to the world.

        This analogy has no relationship to the issue at hand. Tesla bullshit has sway over only Tesla and their customers. This one decision affects the choices available to every website operator in the world whether they want anything to do with Safari or Apple or not.

  • by PrimaryConsult ( 1546585 ) on Monday February 24, 2020 @02:13AM (#59759596)

    Picture a company with a standard policy of 2 year certs. After a decade of corporate mergers the workflows, budget, and schedules have all been ironed out and aligned to handle this across all domains with no customer interruptions.
    Company IT also issues only iPhones as approved mobile devices for connecting to the internal network.

    Which will budge? Will they recall the iPhones and move to Android, or somehow get 30+ website managers, plus the finance team to completely redo their upgrade schedules? For a large, dysfunctional company the phone swap will be the path of least resistance...

    Apple might have shot themselves in the foot here.

    • Does Chrome for iOS respect Apple's certificate rules? That's not a rhetorical question, I genuinely don't know. If it doesn't, that'd probably be the path of least resistance.
  • Why not 13 weeks, or 13 days? Super secure site should renew every 13 hours, no?

    Apple is basically saying they don't trust public CA's. Their next move, Apple issued certificates, just you wait.... And yes, they will be valid only 12 months at a time, so they can raise the price on you every single year, after the first 2 year grace period.

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...