Masu haɓaka aikin Chromium , wanda ke saita iyakar rayuwar takaddun takaddun TLS zuwa kwanaki 398 (watanni 13).
Sharadi ya shafi duk takaddun shaidar uwar garken jama'a da aka bayar bayan Satumba 1, 2020. Idan takardar shaidar ba ta dace da wannan ka'ida ba, mai binciken zai ƙi ta a matsayin mara inganci kuma yana ba da amsa ta musamman tare da kuskure ERR_CERT_VALIDITY_TOO_LONG.
Don takaddun shaida da aka karɓa kafin Satumba 1, 2020, za a kiyaye amana kuma (shekaru 2,2), kamar yau.
A baya can, masu haɓaka Firefox da Safari masu bincike sun gabatar da ƙuntatawa akan iyakar tsawon rayuwar takaddun shaida. Canza kuma .
Wannan yana nufin cewa shafukan yanar gizo masu amfani da takaddun shaida na SSL/TLS na tsawon rai da aka bayar bayan wurin yanke za su jefa kurakuran sirri a cikin masu bincike.
Apple shine farkon wanda ya sanar da sabuwar manufar a taron CA/Browser forum . Lokacin gabatar da sabuwar doka, Apple ya yi alkawarin yin amfani da shi a duk na'urorin iOS da macOS. Wannan zai sanya matsin lamba ga masu gudanar da gidan yanar gizon da masu haɓakawa don tabbatar da takaddun takaddun su sun cika.
Apple, Google, da sauran membobin CA/Masu bincike sun tattauna gajeriyar rayuwar takaddun shaida na tsawon watanni. Wannan manufar tana da fa'ida da rashin amfaninta.
Manufar wannan yunƙurin ita ce inganta tsaron gidan yanar gizon ta hanyar tabbatar da cewa masu haɓakawa suna amfani da takaddun shaida tare da sabbin ma'auni na sirri, da kuma rage adadin tsofaffi, takaddun shaida da aka manta waɗanda za a iya sacewa da sake amfani da su a cikin phishing da mugun nufi ta hanyar kai hari. Idan maharan za su iya karya cryptography a cikin ma'aunin SSL/TLS, takaddun shaida na ɗan gajeren lokaci zai tabbatar da cewa mutane sun canza zuwa ƙarin takaddun takaddun shaida a cikin kusan shekara guda.
Gajarta lokacin ingancin takaddun shaida yana da wasu rashin amfani. An lura cewa ta hanyar ƙara yawan maye gurbin takaddun shaida, Apple da sauran kamfanoni suna ƙara ɗan wahala rayuwa ga masu gidajen yanar gizo da kamfanoni waɗanda dole ne su sarrafa takaddun shaida da bin doka.
A gefe guda, Bari Mu Encrypt da sauran hukumomin takaddun shaida suna ƙarfafa masu kula da gidan yanar gizo don aiwatar da hanyoyin atomatik don sabunta takaddun shaida. Wannan yana rage yawan kuɗin ɗan adam da haɗarin kurakurai yayin da yawan maye gurbin takaddun shaida ke ƙaruwa.
Kamar yadda kuka sani, Bari Mu Encrypt bayar da takaddun takaddun HTTPS kyauta waɗanda zasu ƙare bayan kwanaki 90 kuma suna ba da kayan aikin sarrafa sabuntawa. Don haka yanzu waɗannan takaddun shaida sun dace da mafi kyawun kayan aikin gabaɗaya yayin da masu bincike ke saita iyakar inganci.
Membobin CA/Browser Forum ne suka jefa wannan canjin ga kuri'a, amma yanke shawara .
Результаты
Zabe Mai Ba da Takaddun Shaida
Na ( kuri'u 11): Amazon, Buypass, Certigna (DHIMYOTIS), certSIGN, Sectigo (tsohon Comodo CA), eMudhra, Kamu SM, Bari mu Encrypt, Logius, PKIoverheid, SHECA, SSL.com
Da (20): Camerfirma, Certum (Asseco), CFCA, Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, Amintaccen Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, Izenpe, Network Solutions, OATI, SECOM, SwissSign, TWCA, TrustCor, SecureTrust Trustwave)
An ƙi (2): HARICA, TurkTrust
Takaddun shaida na masu amfani da zabe
Na (7): Apple, Cisco, Google, Microsoft, Mozilla, Opera, 360
A kan: 0
An ƙi: 0
Masu bincike yanzu suna aiwatar da wannan manufar ba tare da izinin hukumomin takaddun shaida ba.
source: www.habr.com