192
Sysadmins slam Apple’s SSL/TLS cert lifespan cuts
(www.theregister.com)
This is a most excellent place for technology news and articles.
Smells like you didn't read the article, it's an ongoing trend:
Reducing it to one year made sense, one year down to 10 days is actually a fucking massive difference. Practically speaking, it’s a far, far bigger change than 8 years down to 1.
This isn’t just an “ongoing trend” at this point, it would be a fundamental change to the way that certificates are managed i.e. making it impossible to handle renewals manually for any decently sized business.
They never said the ongoing trend wasn't logarithmic. By 2030 you'll be updating certs 6-8 times a day! Please drink verification can.
Thank you for the smug response however I did indeed read the article and going from 13 months to 10 days is not a trend but a complete rearchitecture of how certificates are managed.
You have no idea how many orgs have to do this manually as their systems won’t enable it to be automated. Following a KBA once a year is fine for most (yet they still forget and websites break for a few days; this literally happened to NVD of all things a few weeks ago).
This change is a 36x increase in effort with no consideration for those who can’t renew and apply certs programmatically / through automation.
Don't worry. All that old gear is at least 45 days old - so old - and isn't an apple product anyway probably. Ergo, support isn't their issue and you will have to take that up with your OEM because la-la-la-laaaaa, can't hear you. Wanna go ride bikes?
Then do explain your conspiracy theory. Sectigo could go for a money grab, otherwise... probably just forcing automation without thinking of impact, as usual.