Apple is proposing to reduce the validity period of security certificates to 45 days, compared to 398 currently. Although the proposal was made to increase general security, it angers many system administrators.
Certificates are an essential link in the security chain. They are used to prove, in theory, that we are who we say we are. They are there to ensure the identification of an entity and are the basis of the chain of trust on the Internet, even today. But their problems are multiple. In particular, if a malicious actor manages to get hold of a certificate, they can exploit potential vulnerabilities for an extended period of time.
Apple wants to reduce validity to 45 days
This is the duration that Apple wants to tackle. Let us note right away that this is not the first company to offer such a reduction. Before 2011, the validity of a certificate could therefore be for a maximum of 8 years. Over the following decade, the duration was gradually reduced to reach the maximum of 398 days that we know today. However, Google had already suggested lowering it to 90 days.
