Owners of an older smartphone with an Android version prior to 7.1.1 can rest assured: they will be able to continue using their phone to surf the internet in 2021 and beyond. In fact, the certificate issue that would have prevented these smartphones from connecting to millions of websites from next year has been fixed.
This was announced by Let’s Encrypt itself, which had warned in November of the forced dismissal of the Web for these smartphones. In fact, in a new press release, the company that is responsible for creating certificates to verify encryption and security of websites has announced that the solution has been found: “We can continue to offer our service without interruptions to people who use old Android devices“The new deadline for these smartphones is three years ahead, when they will probably be too out of date not only for surfing the web, but for most other uses as well.
Because old smartphones risked saying goodbye to the Web
Let’s encrypt is one of the certification authorities of the web, which issues SSL certificates through which web sites that use the HTTPS standard (that is, secure HTTP, thanks to encryption), can be visited through browsers.
The important thing is that the browser and the site use the same certificates, or compatible certificates thanks to a “sign of the crossThrough which another certification body acts as guarantor of the certificate the certificate used by the site. In particular IdenTrust has been signing the Let’s Encrypt ISRG Root X1 certificate for years, guaranteeing its security through its DST Root CA X3 certificate.
The problem is that the “cross certification“It would expire in 2021, along with”certificate of support”IdenTrust DST Root CA X3 and older Android devices do not consider a Let’s Encrypt certified site secure without the other IdenTrust certificate as a guarantee.
The solution to the problem
IdenTrust has decided to continue “cross certification”We will encrypt even after the DST Root CA X3 certificate expires. So for the next three years, when an old Android smartphone visits a website with a Let’s Encrypt certificate (and that’s about 30% of all sites in the world), it will have no problem opening it and allowing the user navigate in.
If this solution had not been found, the only hope to continue browsing the Internet with an old Android smartphone would have been to use the browser. Mozilla Firefox which, unlike the others, does not leave the operating system the burden of choosing which certificates to accept, but does it all itself.