SiliconAngle reports that the Certification Authority Browser Forum has approved to signficantly shorten the lifespans of SSL/TLS certificates from 398 days to just 47 days within the next four years in a bid to bolster internet security amid the growing prevalence of man-in-the-middle and phishing attacks, as well as the increasing adoption of automated certificate management.
Implementation of the abbreviated SSL/TLS certificate lifecycle will be phased, with validity to be cut to 200 days and 100 days in March 2026 and March 2027, respectively, before the final cut to 47 days in March 2029, according to the CA/Browser Forum, which also noted the importance of the changes to better adapt to post-quantum cryptography. "This much tighter lifecycle now forces organizations to stay proactive and vigilant about their certificate management to reduce the likelihood of breaches caused by stale or mis-issued certificates," said GlobalSign Vice President of Product Management Mohit Kumar, who emphasized organizations' immediate need to enlist automation vendors to keep up with the transition to reduced SSL/TLS certificate lifespans.
Implementation of the abbreviated SSL/TLS certificate lifecycle will be phased, with validity to be cut to 200 days and 100 days in March 2026 and March 2027, respectively, before the final cut to 47 days in March 2029, according to the CA/Browser Forum, which also noted the importance of the changes to better adapt to post-quantum cryptography. "This much tighter lifecycle now forces organizations to stay proactive and vigilant about their certificate management to reduce the likelihood of breaches caused by stale or mis-issued certificates," said GlobalSign Vice President of Product Management Mohit Kumar, who emphasized organizations' immediate need to enlist automation vendors to keep up with the transition to reduced SSL/TLS certificate lifespans.
