[ad_1]
SSL certified sites are important because they protect bad actors from snooping on user data in transit. According to a report from Google, 95% of traffic is now encrypted on its network.
Let’s Encrypt is one of the authorities that issues these HTTPS certificates to sites to ensure that traffic to this website goes through a safe route. The organization has issued more than one billion certificates and today serves more than 192 million sites.
Because there are multiple certification authorities, some sites may experience compatibility issues if your browser or application does not support a particular certificate. Android users with devices running version 7.1.1 or earlier may experience this issue soon.
When Let’s Encrypt was born in 2015, besides its own root certificate, it also used a cross-signed certificate from IdenTrust, another certificate authority.
[Read: 4 ridiculously easy ways you can be more eco-friendly]
However, the partnership between these two entities comes to an end on September 1, 2021 and Let’s Encrypt will only use its own certificate to validate the sites. Let’s Encrypt takes a precautionary action and changes its API to use its own default certificate from January 11.
Now this will create an issue on older platforms such as devices running Android 7.1.1 or earlier. They have not been updated to accept the root certificate of Let’s Encrypt and still rely on cross signatures from authorities such as IdenTrust:
However, this introduces compatibility issues. Some software that has not been updated since 2016 (around when our root was accepted by many root programs) still does not trust our root certificate, ISRG Root X1. Most notably, this includes versions of Android prior to 7.1.1. This means that these older versions of Android will no longer trust certificates issued by Let’s Encrypt.
According to statistics extracted from Android Studio by the CA, over 34% of Android devices around the world are running version 7.1 or earlier. And after January, many sites and apps might experience compatibility issues on these devices.
As Android Police noted, a workaround for this problem is to install and use Mozilla’s Firefox browser on these devices, as it uses its own list of root certificates to validate sites. To be clear, applications that depend on old certificates will not be able to take advantage of this fix.
You can read more about the Let’s Encrypt announcement here.
For more information on gear, gadgets, and hardware, follow Connected To
Twitter and Flipboard.
Published November 9, 2020 – 08:19 UTC
[ad_2]
Source link