We had an excellent interview with Beth Dakin and Ronak Shah from the Safari team about what’s new and interesting for developers in Safari 14. There were so many good moments that I figured a round-up post was warranted. ICYMI (or don’t have time for the full convo), here’s the highlights from my POV.
We’re joined by Ronak Shah and Beth Dakin from the Safari team at Apple about their announcements at WWDC20 and the release of Safari 14. We talk about Safari WebExtensions, Face ID and Touch ID coming to the web, Safari’s plans to advance the web platform, and it all comes down to their focus on privacy, power, and performance.
Dan Moren writing for Six Colors:
News out of last week’s meeting of the CA/Browser Forum is that Apple has announced Safari will no longer accept HTTPS certificates older than about 13 months, as of September 1.
The rationale? Shorter certificate lifetimes are safer, for a variety of reasons. For one thing, it prevents a valid (and perhaps abandoned) certificate from being stolen or misappropriated by a bad actor, then used to trick consumers. While there is a process for revoking known bad certificates, it’s cumbersome and many browsers don’t even check the revocation lists.
This may be annoying to many of us in the short-term (our certificate here at changelog.com is a few years old), but it’s a good thing for the security of the web. Suddenly, Let’s Encrypt’s 90 day expirations look both prudent and prescient.
The irony here is that the site we’re linking to for this story is FULL of display ads. The web and mobile web for content sites, blogs, and the like tend to borderline on a confusing and/or terrible experience because of ads, modals, takeover screens, content that seems like content but is just content in disguise…then, THEN…the retargeting. I can see why Apple, with their focus on the users privacy, that this feature is a Safari thing and being lead by Apple.
The feature—blandly dubbed “Intelligent Tracking Prevention,” or “ITP 2”— is the second major iteration of its anti-tracking tool, which was first introduced last year. The update prevents marketers from targeting Safari users across the web. For example, someone who visits Nike’s website can’t be targeted elsewhere on the web, such as Google search or the New York Times website.
I’m all for websites finding ways to make money from smart relationships, partnerships, and “ads,” but they must be delivered in well-mannered and tasteful ways that does not objectify the reader or their privacy.
Workers will be at your service in an upcoming release of Safari — specifically Safari Technology Preview 48, macOS High Sierra 10.13.4 and iOS 11.3 beta seed 2.
Youenn Fablet, software engineer at Apple, writes:
While WebKit’s implementation and feature set is quickly evolving, we believe it has reached an important milestone in terms of functionality and compliance: applications using service workers for offline support or network/cache optimizations run successfully on latest WebKit builds. Let’s now dive into the specifics…
This news comes after Microsoft announces PWAs are coming to Microsoft Edge and Windows.