While everyoneโs talking about the software updates on the surface internet, thereโs something about to expire in the background, which can cut off outdated Android users from the internet soon.
Letโs Encrypt, a free certificate authority thatโs serving over 30% of the worldโs web domains with its TLS certificates, will have its partnership expired with IdenTrust, making outdated Android phones useless soon.
Android Phones Running v7.1 or Older at Risk
Users whoโre much into browsing may notice the green padlock icon just beside the domain. This signifies that the connection between the userโs device and the accessing domain is encrypted and secured throughout the session. This is important as any sensitive details entered into the domainโs page shouldnโt be seen by anyone else.
Making such connections secure are the organizations like Letโs Encrypt, which started about five years ago and partnered with IdenTrust, a Certificate Authority (CA), to cross sign its root certificates, thus authenticating the connection.
Letโs Encrypt applied for installing its ISRG Root X1 certificate in most OS like macOS, Android, Windows, Linux, etc., verified by the IdenTrustโs DST Root X3 root.
And since the partnership between these two is about to expire in September next year, Letโs Encrypt says that devices using its root certificate will be cross-signed by any CA later. This makes all the web domains, nearly 30% of the worldโs domains, inaccessible from users browsers. Letโs Encrypt mentioned that devices running on Android version 7.1 and older will not be supported then.
While itโs now able to run independently with its own root certificate, only the newer devices (Android 7.2 and above) will be supported.
It also mentioned a workaround for using the Mozilla Firefox browser, which has its own root certificates installed when it is set and supports Android 5.0 and later.
Related Article