“Members of the CA/Browser Forum have voted to slash cert lifespans from the current one year to 47 days,” reports Computerworld, “placing an added burden on enterprise IT staff who must ensure they are updated.”
In a move that will likely force IT to much more aggressively use web certificate automation services, the Certification Authority Browser Forum (CA/Browser Forum), a gathering of certificate issuers and suppliers of applications that use certificates, voted [last week] to radically slash the lifespan of the certificates that verify the ownership of sites.
The approved changes, which passed overwhelmingly, will be phased in gradually through March 2029, when the certs will only last 47 days.
This controversial change has been debated extensively for more than a year. The group’s argument is that this will improve web security in various ways, but some have argued that the group’s members have a strong alternative incentive, as they will
Leave a Reply