On March 3, Google (through the Chromium Projects it controls) proposed a plan to drastically reduce the lifetime of Transport Layer Security (TLS) digital certificates, from 398 days to 90 days. This will lead to significant changes in the way companies manage their certificates, especially with regard to automated processes.
The proposal from the open-source body behind the Google Chrome browser and Chrome OS, included in a roadmap titled "Moving Forward, Together," is a positive step toward ensuring more reliable and robust web operations. However, it will require companies and other organizations to significantly redesign their certification processes.
The lifespan of digital certificates has steadily decreased over the past decade, from five years in 2012 to just over two years in 2018 to 13 months or 398 days in July 2020. The shorter lifespan helps ensure the accuracy of digital identities. especially in a cloud-based computing environment where websites and services are constantly being ramped up or down to meet changing needs and priorities.
Google said the proposed changes would allow faster rollout of improvements like best practices and new security features, and encourage companies to move away from time-consuming and error-prone manual processes. The resulting move toward automation would also better prepare organizations for the advent of post-quantum cryptograph.
Thursday, May 25, 2023