Cut in TLS certificate life could lead to greater risk of outages

As of September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less -- roughly half the previous life. According to security experts from Venafi, a provider of machine identity management, this latest change is an indication that machine identity lifetimes will continue to shrink. Certificate lifetimes have been steadily getting shorter over the last decade. Before 2011 certificate lifespans were 8–10 years (96 months), this came down to 60 months in 2012, 39 in 2015, 27 in 2018 and now to 13 in 2020. Apple, Google, and Mozilla are set to reject publicly rooted… [Continue Reading]