Hi Matt, This is determined using the notBefore value in the certificate; if the notBefore value is greater than or equal to September 1, 2020 00:00 GMT/UTC, then the updated policy will apply.
Cheers, -Clint > On Mar 3, 2020, at 1:41 PM, Matt Palmer via dev-security-policy > <dev-security-policy@lists.mozilla.org> wrote: > > On Tue, Mar 03, 2020 at 11:55:24AM -0800, Clint Wilson via > dev-security-policy wrote: >> For additional information, please see >> https://support.apple.com/en-us/HT211025. > > I have a question regarding this part: > >> TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC >> must not have a validity period greater than 398 days. > > How is Apple determining when a certificate was issued? That's > traditionally been pretty tricky to determine, exactly, so I'm curious to > know how Apple has solved it. > > - Matt > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy