Safari Icon

Safari

Apple web browser on macOS and iOS.
6 Stories
All Topics

Six Colors Icon Six Colors

Safari will reject long-lived HTTPS certificates starting September 1

Dan Moren writing for Six Colors:

News out of last week’s meeting of the CA/Browser Forum is that Apple has announced Safari will no longer accept HTTPS certificates older than about 13 months, as of September 1.

The rationale? Shorter certificate lifetimes are safer, for a variety of reasons. For one thing, it prevents a valid (and perhaps abandoned) certificate from being stolen or misappropriated by a bad actor, then used to trick consumers. While there is a process for revoking known bad certificates, it’s cumbersome and many browsers don’t even check the revocation lists.

This may be annoying to many of us in the short-term (our certificate here at changelog.com is a few years old), but it’s a good thing for the security of the web. Suddenly, Let’s Encrypt’s 90 day expirations look both prudent and prescient.

Safari adage.com

Apple's new anti-tracking feature in Safari takes toll

The irony here is that the site we’re linking to for this story is FULL of display ads. The web and mobile web for content sites, blogs, and the like tend to borderline on a confusing and/or terrible experience because of ads, modals, takeover screens, content that seems like content but is just content in disguise…then, THEN…the retargeting. I can see why Apple, with their focus on the users privacy, that this feature is a Safari thing and being lead by Apple.

The feature—blandly dubbed “Intelligent Tracking Prevention,” or “ITP 2”— is the second major iteration of its anti-tracking tool, which was first introduced last year. The update prevents marketers from targeting Safari users across the web. For example, someone who visits Nike’s website can’t be targeted elsewhere on the web, such as Google search or the New York Times website.

I’m all for websites finding ways to make money from smart relationships, partnerships, and “ads,” but they must be delivered in well-mannered and tasteful ways that does not objectify the reader or their privacy.

WebKit Blog Icon WebKit Blog

PWAs on Safari?!

Workers will be at your service in an upcoming release of Safari — specifically Safari Technology Preview 48, macOS High Sierra 10.13.4 and iOS 11.3 beta seed 2.

Youenn Fablet, software engineer at Apple, writes:

While WebKit’s implementation and feature set is quickly evolving, we believe it has reached an important milestone in terms of functionality and compliance: applications using service workers for offline support or network/cache optimizations run successfully on latest WebKit builds. Let’s now dive into the specifics…

There are threads on Twitter here and here you should check out for commentary on this spec.

This news comes after Microsoft announces PWAs are coming to Microsoft Edge and Windows.

0:00 / 0:00