Apple is a renowned multinational company that designs, develops and sells hardware, software and mobile devices like iPod, IPad, and iPhones. During the annual WWDC (World Wide Developers Conference) in 2017, Apple proclaimed updates of: Here we have discussed various updates and improvements Apple has proclaimed for OS and SSL certificate for better user experience and website security.
1) Advancement in network security standards
Improved SSL/TSL Support
SHA-1 signed certificate: Many web browsers have stopped supporting SHA-1 signed certificates considering its vulnerabilities. As per Apple’s latest updates.
Firefox: Mozilla enabled TLS 1.3 in its Firefox web browser by default in the year 2017.
Google chrome: Due to compatibility issues, Google Chrome has disabled it after a short period of use.
2. OS (Operating Systems) For Its Devices:
New revocation checking method has been introduced by Apple. As there were certain issues faced in checking certificate revocation, it was the right time when this enhancement was introduced. Certain issues were noticed by experts and have raised questions about the revocation process that is currently used. These issues were:
1) Advancement in network security standards
- SSL/TLS support
- Cryptographic libraries
Improved SSL/TSL Support
SHA-1 signed certificate: Many web browsers have stopped supporting SHA-1 signed certificates considering its vulnerabilities. As per Apple’s latest updates.
- Apple has decided to end SHA-1 support in its new operating systems.
- SHA-1 signed root certificates will continue to be supported.
- Private keys less than 2048 bits will no longer be trusted.
- Client certificate as well as SSL certificates, which are shared through Mobile Device Management, will continue to be supported.
- This will facilitate developers to test TLS 1.3.
- Apple had also mentioned that TLS 1.3 will offer drastically fast handshake time. This time will be just 1/3rd of the existing TLS connection speed.
Various Web Browsers Which Enabled TLS 1.3 Are:
Firefox: Mozilla enabled TLS 1.3 in its Firefox web browser by default in the year 2017.
Google chrome: Due to compatibility issues, Google Chrome has disabled it after a short period of use.
2. OS (Operating Systems) For Its Devices:
- High Sierra for iOS, macOS, and watchOS
- New hardware:-
- iPad Pro
- HomePod smart speaker
New revocation checking method has been introduced by Apple. As there were certain issues faced in checking certificate revocation, it was the right time when this enhancement was introduced. Certain issues were noticed by experts and have raised questions about the revocation process that is currently used. These issues were:
- SSL certificate has been compromised to contacting the CA (Certification Authority) for revoking
- The problem in communicating with the client about the revoked SSL certificates.
No comments:
Post a Comment