Reducing the lifespan of digital certificates
Briefly

In the latest episode of The Security Podcasts, Tim Callan, Co-Chair at CA/Browser Forum and Chief Compliance Officer at Sectigo, discusses the evolution and current state of digital certificate lifespans. Initially, SSL certificates had no limit on their lifespan, so ten-year certificates were possible. Limits were imposed over time, and the cap now stands at one year. Callan advocates for even shorter lifespans and points to a proposal that would decrease the maximum to as little as 47 days in a bid to enhance security and reduce vulnerabilities.
"If you look at SSL certificates, for example, once upon a time, there was no limit at all. You could get a 10-year certificate. That was first capped, and it was capped at three, and then it moved down to two, and then it moved down to one where it sits right now, and we are looking at a concrete proposal that, over the next several years, would bring the maximum term down to 47 days."
Reducing the lifespan of digital certificates is crucial for enhancing security: it regularly refreshes the validation process and minimizes the risks associated with certificate compromise.
Read at Securitymagazine