

41·
2 days agoThe only technical explanation that’s not malice would be that some certificate store on the device had expiring certificates and would need an update to continue to function (or rather connect to remote servers).
Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.
Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!
I � Unicode!


The only technical explanation that’s not malice would be that some certificate store on the device had expiring certificates and would need an update to continue to function (or rather connect to remote servers).
It depends on their use. The most common certificates that you will “use and check” (implicitly) all the time are probably those, that get served by websites and the APIs that apps talk to. Those are usually quite short lived. Let’s Encrypt IIRC issues them with a default life time of ~90 days and there’s a push industry wide to reduce their lifespan generally to… IIRC something around 40 days. But there are more usecases and certificates and those may be valid longer. E.g. a developer that signs their code/compiled binaries.
Or - and thats more relevant - when you check a certificate you do not only check it’s content, you also check that it was issued and signed by someone “you” trust (or rather the software on your device trusts). Ususally there’s a central store on your PC managed by Microsoft (for Win), Apple (for Mac) or your Linux Distribution with a list of certificates that your device trusts. Those are usually quite long lived (often several years, probably even more than a decade). But will also end. And there will be new ones to replace the old ones. Or new vendors that get added to this trust store. If you do not update your device, this trust store won’t change.
There are now several versions how this can affect the apps in this case, e.g.