Digital Certificates With Shorter Lifespans Reduce Security Vulnerabilities
DARKReading, Wednesday, December 4th, 2024
Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight - and hopefully better control.
Shortening the life cycle of Transport Layer Security (TLS) certificates can significantly reduce the vulnerability of websites and hardware devices that require these certificates. TLS certificates are exchanged between Web server and Web client (or server to server) to establish a secure connection and safeguard sensitive data.
The majority of today's digital certificates have a time-to-live of 398 days - that's a 365-day certificate with a 33-day grace period, equaling 398 actual days before the certificate expires. If the proposals from Google and Apple are approved, however, that life cycle could drop to 100 days (90 days plus a grace period) or even 47 days (30 days plus a grace period).