CA/Browser Forum Votes for 47-Day Cert Durations By 2029

"Members of the CA/Browser Forum have voted to slash cert lifespans from the current one year to 47 days," reports Computerworld, "placing an added burden on enterprise IT staff who must ensure they are updated." In a move that will likely force IT to much more aggressively use web certificate automation services, the Certification Authority Browser Forum (CA/Browser Forum), a gathering of certificate issuers and suppliers of applications that use certificates, voted [last week] to radically slash the lifespan of the certificates that verify the ownership of sites.

The approved changes, which passed overwhelmingly, will be phased in gradually through March 2029, when the certs will only last 47 days.

This controversial change has been debated extensively for more than a year. The group's argument is that this will improve web security in various ways, but some have argued that the group's members have a strong alternative incentive, as they will be the ones earning more money due to this acceleration... Although the group voted overwhelmingly to approve the change, with zero "No" votes, not every member agreed with the decision; five members abstained...

In roughly one year, on March 15, 2026, the "maximum TLS certificate lifespan shrinks to 200 days. This accommodates a six-month renewal cadence. The DCV reuse period reduces to 200 days," according to the passed ballot. The next year, on March 15, 2027, the "maximum TLS certificate lifespan shrinks to 100 days. This accommodates a three-month renewal cadence. The DCV reuse period reduces to 100 days." And on March 15, 2029, "maximum TLS certificate lifespan shrinks to 47 days. This accommodates a one-month renewal cadence. The DCV reuse period reduces to 10 days."
The changes "were primarily pushed by Apple," according to the article, partly to allow more effective reactions to possible changes in cryptography.

And Apple also wrote that the shift "reduces the risk of improper validation, the scope of improper validation perpetuation, and the opportunities for misissued certificates to negatively impact the ecosystem and its relying parties."

Thanks to Slashdot reader itwbennett for sharing the news.

Needed? Or money grab?

[walterbyrd]

First post?

Re:

[allo]

Needed because revocation is broken.

No money grab because there are several free CAs.

Re:

[Anonymous Coward]

Needed because revocation is broken.

Then fix revocation so it isn't broken.

Making it 7x more expensive fixes nothing. This is a money grab, nothing more.

Re: Needed? Or money grab?

[ChemE2IT]

There are complex reasons revocation doesn't work and simply saying fix doesn't actually fix it. Search the Security Now podcasts if you care to learn why, Steve Gibson has discussed this for years including recently. By the way, he is against shortening the duration. You seem to miss the point of the comment you were replying to since 7 x $0 = $0. Plus it's not clear that the annual cost will change for non free certs. The work required will change if you do it manually which encourages automation.

Re: Needed? Or money grab?

[rpresser]

Steve Gibson is a monumental dickhead. Dropping his name does not do anything to convince me.

Re: Needed? Or money grab?

[saloomy]

Doesnt matter. This is a good outcome. Using LetsEncrypt is free and even today you can buy 5 year certs but you still have to refresh them every year so itâ(TM)s clearly not a money grab. It is to push people to automate by default, which actually is safer. It is a safer insurance that your cert will not expire or get stolen. Automation makes sure no one accidentally copies or shares the private key by mistake (happened to a company I knew).

Re:

[WaffleMonster]

There are complex reasons revocation doesn't work and simply saying fix doesn't actually fix it.

There is no actual complexity. There are not so many keys compromised in the world a complete list of actually compromised keys can't easily be globally distributed to browsers with regular deltas. The only reason the obvious is not being done is security isn't actually the point of this scheme.

Re:

[jsonn]

So far two mechanisms have been tried for dealing with compromised keys. Certificate revocation lists and Online Certificate Status Protocol. Both create more problems than they solve. A certificate can be revoked not just because it s key has been compromised, but also simply because it is no longer meant to be used. That happens quite a lot actually in the modern virtualized world.

Re:

[WaffleMonster]

So far two mechanisms have been tried for dealing with compromised keys. Certificate revocation lists and Online Certificate Status Protocol. Both create more problems than they solve. A certificate can be revoked not just because it s key has been compromised, but also simply because it is no longer meant to be used. That happens quite a lot actually in the modern virtualized world.

What actually matters? Security or making sure internal administrative constraints are enforced? The revocation lists are full of administrative nonsense not actual security breaches that have any substantive real world implications for users.

How much is "certificate can be revoked not just because its key has been compromised" worth in the real world? Is it worth up to 45 days of ongoing compromise after there is a security breach because otherwise tombstoning compromised keys is "too hard"?

The notion

Re:

[jsonn]

I love that you are just ignoring what others are saying. Let's ignore web servers for a moment and look at client certificates where the very same problems exist. If I have a client certificate on a smartcard, there are three main reasons for a revocation: (1) the smartcard was stolen (2) the smartcard had to be reissued (since it was "broken") or (3) the account was closed. In most environments, (2) and (3) are much, much more common than (1), but are entirely valid reasons for revocations with real world

Re:

[WaffleMonster]

I love that you are just ignoring what others are saying. Let's ignore web servers for a moment and look at client certificates where the very same problems exist.

If I have a client certificate on a smartcard, there are three main reasons for a revocation: (1) the smartcard was stolen (2) the smartcard had to be reissued (since it was "broken") or (3) the account was closed. In most environments, (2) and (3) are much, much more common than (1), but are entirely valid reasons for revocations with real world security impacts. For a big company like IBM with around 300,000 employees, just normal fluctuation would result in thousands of CRL entries at any given moment. Now you still would need to send the CRL to any service in a timely manner. Wait, some servers are offline in sealed networks? Though luck. The servers are in a remote location with very expensive internet (like the Easter Islands?)? Guess security is going to cost you.

This is completely unrelated to DV certs and a misunderstanding of the technology. DV CAs generally don't issue client certs. This is done by corporate CAs or adhoc to protect one off services. The purpose of the client certificate is authentication rather than authorization.

If you lose a smart card or it is stolen the security of the system is never at any point dependent upon certificate expiry, revocation or correct operation of CRLs. What actually occurs is the card is no longer authorized to access

Re: Needed? Or money grab?

[dgatwood]

There are complex reasons revocation doesn't work and simply saying fix doesn't actually fix it.

Neither does shortening the duration. All it does is slightly shorten the maximum amount of time that someone can use a stole private key/cert combination. And if they don't discover that the key is compromised, chances are, the website will generate a new cert with the same key, and it won't even do that.

Revocation absolutely can work. You start by mandating OCSP, you follow it up by making browsers refuse to connect to TLS-enabled sides if OCSP servers are blocked, and you drag the certificate authorities' reliability kicking and screaming up to the seven nines required for a site that is mission-critical.

Or we can take a step back, acknowledge that HTTPS Everywhere was a mistake, and start over, separating the need for identity/trust and encryption.

Before the push to enable HTTPS for every website, a certificate meant something. It cost a lot of money, so anybody who had one was very likely to be legitimate. Now, TLS is useless for identity/trust purposes, because without doing a detailed look at the cert, I can't tell the difference between my completely untrustworthy personal website with a LetsEncrypt cert and Amazon.com.

We need a new protocol — let's call it HTTPE for encrypted — in which traffic is encrypted with a key that is stored similar to the way SSH does, where once you have established a link, future connections will be encrypted. This would give you trust that you're still dealing with the same site, but without the need for any bulls**t certificates that provide zero benefit for that use case, and cause ever-increasing headaches as the certificate authorities find new and more creative ways to make life miserable for site admins.

And of course, you would still have the strong HTTPS version in parallel, which would be used for e-commerce sites, banks, and other sites where the site's identity actually matters. You would just have a *lot* fewer of those. No more low-quality certs. Everything is a paid cert, everything requires proving more than just that you control the web server. Extended validation only, ideally.

The HTTPS CA folks could then do whatever the heck they want with stupidly short expiration periods, or better, mandate OCSP and high reliability, and it wouldn't matter for the other 99% of traffic for which the mere existence of a cert likely provides zero benefit, much less expiration thereof.

Re:

[thegarbz]

Or we can take a step back, acknowledge that HTTPS Everywhere was a mistake, and start over, separating the need for identity/trust and encryption.

We had that already in the form of extended validation certificates. For a brief period in history when you went to bankofamerica.com you didn't see the URL in the title, you saw a verified check of their identity instead.

The world abandoned the identity model in favour of simple encryption. That wasn't the fault of HTTPS Everywhere which was still an objectively good thing. The ability to provide an encrypted session should never have been the subject of a financial expense.

Re:

[MobyDisk]

The ability to provide an encrypted session should never have been the subject of a financial expense.

Even without the financial expense: imagine that you manage a fleet of IP cameras in a secure building. They use HTTPS, hence they require certs. The only way to update the certs is to connect to each one's web interface and upload the certs. Usually this is no problem, you make the 10-year wildcard cert *.camera.internal.net and you are done.

Re:

[MobyDisk]

This resonates with me because I manage a fleet of embedded devices where renewing certificates is a big deal! Te company ships the devices with a given certificate, and some (but not all) organizations will replace the certificates. Those organizations also put the devices in an SDMZ that blocks all outgoing traffic. So updating the certificates is currently manual. The devices browsing the embedded devices are similarly limited, so no OCSP or CRL validation is allowed. We recently released an update

Re:

[allo]

OCSP does not work for multiple reasons.
For reasons I do not understand, letsencrypt also doesn't want to use OCSP-stapling what is (together with must-stable) kind of providing certificates that last only a few hours by requiring a current OCSP response being sent in addition.
So they now rely on CRLs. And having only 47 days lifetime limits the size of the CRL.

internal system / backend certs don't need this an

[Joe_Dragon]

internal system / backend certs don't need this.

Re:

[bjoast]

They are not affected by this.

Re:

[bjoast]

Clarification: Assuming you have your own CA.

Re:

[cen1]

Correct me if I'm wrong but if browsers enforce this duration, then it IS affected.

Re:

[Nkwe]

Correct me if I'm wrong but if browsers enforce this duration, then it IS affected.

It's generally not the browser that limits certificate lifetime -- the lifetime is embedded into the certificate and the browser enforces the expiration date baked into the certificate. If you run your own internal CA, you can issue certificates for whatever lifetime you want. You will have to add your internal CA's certificate to the browser's list of "trusted CAs" though. Depending on the browser, the list of trusted CAs may be configured within the browser install itself, or may be delegated to the opera

Re:

[Joe_Dragon]

unless someone like google codes in some like if ca / cert life over XX days = mark ca / cert as untrusted.

Re:

[Nkwe]

unless someone like google codes in some like if ca / cert life over XX days = mark ca / cert as untrusted.

They could, but then they would not be following RFC 5280 [ietf.org] with regard to what defines a certificate's validity period.

Re:

[micheas]

Correct me if I'm wrong but if browsers enforce this duration, then it IS affected.

It's generally not the browser that limits certificate lifetime -- the lifetime is embedded into the certificate and the browser enforces the expiration date baked into the certificate. If you run your own internal CA, you can issue certificates for whatever lifetime you want. You will have to add your internal CA's certificate to the browser's list of "trusted CAs" though. Depending on the browser, the list of trusted CAs may be configured within the browser install itself, or may be delegated to the operating system's list of trusted CAs.

My quick reading of it looks like this is the max age that a browser will accept.

Any enterprise not using Automatic Certificate Management Environment (ACME) really needs to think about shifting to modern encryption infrastructure. Humans and AIs make mistakes and having an expired certificate because of human or AI error that causes your site to stop accepting traffic, if you have an enterprise level site, is ridiculous. If this causes any extra work for you, you're doing it wrong.

Re:

[jsonn]

There are lot more TLS clients than just web browsers.

47 days

[BettyJJ]

may seem random, but it's probably meant as 1.5 months plus a day of wiggle room. I was hoping for 42 though.

will renew fees be the same = pay an more or be sa

[Joe_Dragon]

will renew fees be the same = pay an lot more or be same for 1 year?

Re:

[Anonymous Coward]

The renew fee will be the same. I mean, the same ammount you paid for 1 year you will now pay for 47 days, naturally. What did you expect?

Re:

[vanyel]

Letsencrypt will be the winner from this - free and automated.

Re:

[micheas]

Letsencrypt will be the winner from this - free and automated.

I typically use zero SSL for important sites as letsencrypt has a rate limit that if you accidentally make a mistake and exceed can cause your certificates to not be renewed.

For most management tools it is a two line change to move from letsencrypt to zerossl, (change the endpoint you are hitting and your key) and it was fairly cheap to not risk hitting the rate limit. But, there are lots of options for ACME compatible certificate signers beyond just Mozilla's Let's Encrypt.

Re:will renew fees be the same = pay an more or be

[markdavis]

>"Letsencrypt will be the winner from this - free and automated."

Except in my case, one of our major platforms is outsourced but is a subdomain of my domain. So it is IMPOSSIBLE to automate it. It is a private site, but is reachable publicly for remote access. And I can't load the certificate on their system, only they can, and doing so is difficult and causes downtime. So it means countless hours of my time wasted in renewals, payments, reimbursements, scheduling tickets, uploading files, and downtime. Plus the constant risk of something in that chain failing or being missed and taking down all our operations. Once a year was already a total pain in the a**. I am really pissed about this.

Re:

[volcan0]

I assumed you already looked into it, but ACME has a way to use DNS validation with a totally unrelated domain. Just need to add an CNAME entry to the original domain to a domain you control. Then the DNS validation can update the domain you control while renewing the domain you don't control.

Re:

[markdavis]

>"I assumed you already looked into it [ACME]"

I haven't, but will. I have no idea if that can help in this odd situation in which I am stuck.

To me, this radical shortening of certificate duration really does look like a bunch of "security theater" and full of potential conflicts of interest. My posting was to point out that, despite what appears to be the majority opinion, there are minority cases (of which I am one) where it will cause a lot of damage.

It is easy for people to dismiss such cases as "yo

Re:

[volcan0]

For the record, I agree with you on the security theater here. I have a hard time understanding their reasoning.

On the actual technical "solution", I have yet to encounter a situation where this does not work if a) the registrar/dns provider supports API access and B) you can get a cname pointed to a domain you control in the zone you do not control.

The way this works is that when doing the verification, you tell it to check a specific sub-domain. This subdomain is a cname that points to a domain you cont

One word

[Anonymous Coward]

One word: Automation.

Posting as anonymous coward for obvious reasons - my current employment is PKI.

This will drive automation to a new level. There is no way IT grunts will be manually renewing these certificates. ACME, or something spawned from that, will be the name of the game for trusted TLS certificates. I've worked for companies where changing the TLS certificate on their main public facing websites was a whole process wrapped up in change control. Those processes will also need to change as it doesn't make sense with all of the overhead the change control process can add, to do this every 30 days.

And if you are using TLS trusted certificates for internal-only facing systems, these will switch to private issuance, which do not need to follow the CA/B forum rules. For private issuance, you can issue certificates with validity that is in the hundred of years. There is absolutely no reason why internal systems need to use trusted certificates, and this will basically end that practice.

Many things already use private issuance certificates such as Intune - it would be insane to have your Intune infrastructure use Trusted TLS given the number of certificates are issued for Intune configured systems and authentication.

As an aside, the CA/B forum has also made OCSP optional, which over time you'll see less and less of. I know of some CA operators who are privately cheering for OCSP to go away as its a high volume real-time service that if it breaks, can break a lot of things rather quickly (speaking from experience).

change control issues or java app injecting issues

[Joe_Dragon]

change control issues or java app injecting issues / downtime. Makes automation not work.

What about places where that cert change is part of an month or more long change control process?

Re:

[jsonn]

Maybe fix your processes then?

Re: change control issues or java app injecting is

[hsmith]

It is 2925. If it takes a month to update certs, your CCB process is abysmally broken

Re:

[Nkwe]

There is absolutely no reason why internal systems need to use trusted certificates, and this will basically end that practice.

Being pedantic, but I assume you mean no reason for internal use of publicly trusted certificates. From a security point of view, it's a bad idea not to validate certificates on internal systems -- you need to validate them against your internal CA of course, but failure to validate would open you up to internal threats.

Re:

[tepples]

I assume you mean no reason for internal use of publicly trusted certificates.

If you're streaming video from a server on a home LAN or an air-gapped network to a smart TV or a streaming stick, the server will probably need a publicly trusted certificate. I've been told major brands of streaming device have no way to let the user install a privately trusted certificate.

Re:

[EvilSS]

Why are you using a cert at all in this case at all? I do this today and none of the streams require public certs to work.

Re:

[Kernel Kurtz]

One word: Automation.

Still needs testing and verification afterward. Now each instance will have ten chances to break each year instead of one.

I've worked for companies where changing the TLS certificate on their main public facing websites was a whole process wrapped up in change control.

Probably somebody broke it in the past. I've seen that happen too.

Re:

[tlhIngan]

Still needs testing and verification afterward. Now each instance will have ten chances to break each year instead of one.

Which is likely to be better - first, something that breaks once every couple of years will likely be put up with because it's not worth putting in the effort of fixing. Except now that tribal knowledge is having to be passed on because no one can be bothered to fix it.

If it breaks every other time every few weeks, then there's much more incentive to fix it properly so it quits breaking

Re:

[Kernel Kurtz]

Once that knowledge gets put into scripts, if in a few months you discover the script overlooked something, you fix the script and make life simple.

A lot of stuff is complicated enough it is simply better to do in person. Zero impact changes often require failover/failback of HA pairs. Appliances like ASAs or F5s may have dozens of different cert chains on the same device. Not everyone can just use certbot in a cron job.

Re:

[jsonn]

Changing a certificate on a service should not be complicated. There is absolutely no reason for it to be complicated. Stop making excuses for badly designed systems.

Re:

[tepples]

What's the uncomplicated way to change a certificate on a service on an air-gapped network, where you control the server and do not control the clients' certificate stores?

Re:

[jsonn]

The pedantic answer: your problem is not the changing the certificate, but distributing it. It's a small but important distinction. The real answer would be: run a trusted Subordinate CA inside the air-gapped network. For the certificate of the Subordinate CA, different rules apply.

Subordinate CA is not trusted

[tepples]

Because you don't control the clients' certificate stores, your subordinate CA is not trusted. Instead, your server must use a certificate from a publicly trusted CA that the client already recognizes. And all the publicly trusted CAs are about to require a (roughly) monthly rotation.

Re:

[jsonn]

Please read again what I wrote. You can certainly buy CA certificates (with appropriate restrictions, e.g. to a specific domain like a wildcard certificate) on the market and those intermediary certificates have much longer time limits. It's a costly option, in part due to the audits involved, but certainly possible if you have the somewhat unusual constraints of not controlling the clients of the air-gapped system as well.

Re:

[Kernel Kurtz]

Changing a cert without dropping any client connections means servicing new requests and old requests differently, either statefully moving them from old to new or supporting them till they are timeout or closed. Certs are used not just for websites (not that you should boot people off those either) but also for things like SSL VPN connections where you can't just restart the service while people are working. If you have maintenance windows where you can tell people don't use the service at this time cau

Re:

[jsonn]

No, it doesn't mean anything like that. The certificate is only used during a very brief window of a connection, the initial handshake for computing a symmetric key. The software complexity is nothing more than a reader-writer lock and a pointer update (or something slightly more involved if you want to keep it lock-free). Same for VPNs. If your software or appliance can't do that, it is just badly designed.

Re:

[Kernel Kurtz]

You appear to know shit about high availability or enterprise grade computing. By all means you go ahead and script your cert changes and do your failovers remotely. Badly designed appliances are clearly the least of your worries.

Re:

[jsonn]

I've written the code and administrated the systems over the last twenty years. I've heard the excuses, too. Have you? Let me blow your mind for moment. Protocols like Kerberos had support for renewing a ticket automatically without need for human intervention for 30 years. It's a solved problem. It's not even hard to automatically validate the replacement certificate in a way that is better than whatever human compliance tests will make you do, e.g. check the validation time, ensure that the same trust anc

Re:

[micheas]

Once that knowledge gets put into scripts, if in a few months you discover the script overlooked something, you fix the script and make life simple.

A lot of stuff is complicated enough it is simply better to do in person. Zero impact changes often require failover/failback of HA pairs. Appliances like ASAs or F5s may have dozens of different cert chains on the same device. Not everyone can just use certbot in a cron job.

F5s can be managed from the command line and can have their configs checked into code. F5 even offically supports ansible for managing it https://clouddocs.f5.com/produ... [f5.com]

So, it certainly can be managed from a cron job.

Re:

[Kernel Kurtz]

Yes, everything can be automated. Be mindful of the things with high profile failure modes.

Re:

[micheas]

Still needs testing and verification afterward. Now each instance will have ten chances to break each year instead of one.

Which is likely to be better - first, something that breaks once every couple of years will likely be put up with because it's not worth putting in the effort of fixing. Except now that tribal knowledge is having to be passed on because no one can be bothered to fix it.

If it breaks every other time every few weeks, then there's much more incentive to fix it properly so it quits breaking so often. And something that breaks every few months is more likely to be passed onto the next guy because it's more recent information than something that only happens once every couple of years.

I've worked for companies where changing the TLS certificate on their main public facing websites was a whole process wrapped up in change control.

Probably somebody broke it in the past. I've seen that happen too.

It likely happened because it's a process that doesn't happen often, so all the tricks you learned this time around are forgotten the next time it happens. When a certificate expires yearly, someone has to remember what they did last year in order to renew it all. And likely things broke because they forgot some things.

Once that knowledge gets put into scripts, if in a few months you discover the script overlooked something, you fix the script and make life simple. The script becomes the working memory and if something breaks, the script can be run through manually to ensure every piece is updated.

Also, there's a chance if something breaks, it'll get caught all that much quicker - someone moves a file somewhere and it's forgotten about a year later. Here it's only a month and a half and chances are someone remembers "Oh, we moved that a month ago!".

This ^

And the more complicated the more you want things to be fully automated. Manual enterprise deploys have about an 80% fail rate while automated deploys have a far less than 1% fail rate.

as for "you need to test your site after deploying a new certificate" If it is important enough to be paying someone to work on it, it should be monitored 24x7 anyways.

The biggest problem with the automated certificates is that the tooling around them is so good you have people who set them up and are in charge of th

Re:

[WaffleMonster]

This will drive automation to a new level. There is no way IT grunts will be manually renewing these certificates. ACME, or something spawned from that, will be the name of the game for trusted TLS certificates.

How many breaking changes have their been to ACME in the past few years and how many can we expect in the future?

Re:

[WaffleMonster]

This will drive automation to a new level. There is no way IT grunts will be manually renewing these certificates. ACME, or something spawned from that, will be the name of the game for trusted TLS certificates.

How many breaking changes have their been to ACME in the past few years and how many can we expect in the future??

Re:

[jsonn]

Let's encrypt itself had one major (potentially breaking) update of the ACME protocol and the deprecation and subsequent removal of one challenge type in its 10 year history so far. Compared to a lot of mission critical things, that's a pretty decent track record.

Re:

[markdavis]

>"One word: Automation."

Another three words: Not Possible Everywhere

I have outsourced systems that use subdomains of my domain and I can't control those systems or install certs on them. And the system is needed 24/7. And it needs to be accessed from everywhere. And installing a certificate means major effort, tickets, additional scheduling, payments, support time, downtime, etc. Doing it annually was already too much.

Re:

[misnohmer]

Automation will create a new attack vector, with potentially even larger consequences. No more human reviews, just automation renewing certs. For smaller sites, they will just remove TLS (HTTPS) instead to avoid the headache, especially if browsers stop accepting any certs valid longer than 47 days. Such is the reality of life.

Re:

[volcan0]

I'll bite: How do you automate this with java applications and jks ? (in a secure way)

47

[nicubunu]

Any insight why they picked 47 as the magic number? Why not 46 or 48? Or more likely a multiple of 7, to account for weeks?

Re:

[Entrope]

I would guess ceil(31 * 1.5), but that's pretty arbitrary and (to me) 31+2*7 would make just as much sense.

Re:

[jsonn]

Almost. The first assumption made is that it is recommended to update certificates after around 2/3 of their life time. The expected update cycle was 30 days, so 45 days of life time. 47 days is essentially a bit of wiggle room for various smaller delays that could pop up along the line like if you can only update a service once a day.

Re:

[Entrope]

The first assumption made is that it is recommended to update certificates after around 2/3 of their life time.

Why is this recommendation made for monthly renewals but not 3- or 6-month renewals, which have 100- and 200-day expirations respectively? With a nominal 30-day month, those give only 10 or 20 days of margin respectively, a far cry from the 50% you posit. The three-month cycle gives fewer days of margin than the one-month cycle. It gives the impression of being rather arbitrary, not based on that kind of assumption or recommendation.

Re:

[Anonymous Coward]

Any insight why they picked 47 as the magic number?

C'mon.. think about it... What's 47 right now?

Re:

[93 Escort Wagon]

Any insight why they picked 47 as the magic number? Why not 46 or 48? Or more likely a multiple of 7, to account for weeks?

I think for business purposes you'd want a multiple of 7 plus a few days extra, in case of unforeseen complications / emergencies - and 47 accomplishes that.

There's no reason you couldn't renew every 42 days under this stricture. Or schedule it "on the first Tuesday of each month".

Personally I see this as largely security theater, but trying to argue against it does seem like opposing the tides at this point...

sigh

[luvirini]

All the legacy systems will be so broken. currently some of them are already a pain to update yearly, with no reasonable way to automate.

I guess there will be a need to put a reverse proxy with the automated certificate renewal in front of them.

Re: sigh

[rpresser]

Hello, Cloudflare.

Re:

[luvirini]

Cloudfire does not work well inside your own network...

Re: sigh

[RegistrationIsDumb83]

We will definitely see some legacy sites just move to 1000 year self signed certs

Re: sigh

[bringonthenight]

Without going to talk about legacy system, the bright minds who devised this probably doesn't know anything about certificate rotation in the pleteora of enterprise software around. Automate certificate renewal in stuff like Microsoft SQL Server Reporting Services. Or appliances with custom web interface. What a stupid decision.

Re:

[luvirini]

Most of the systems I was talking about were things in categories you mentioned.

How about no?

[sjames]

At the rate they're going, they'll need to invent new low latency networking and data processing technologies in order to renew the certs before the old one (issued 30 seconds ago) expires.

Yay

[peppepz]

Even more red tape and gatekeepers who get a say in who can communicate over the Internet and how hard it has to be. I remember when it was Microsoft who wanted to make internet protocols more complicated in order to get a competitive edge over the open source community; back then when their plans were exposed there was outrage. Nowadays Google and Apple basically are the internet, and they don't need to work in the shadows to subvert the protocols, because whatever it is that they decide for the day is automatically the "living standard".

Re:

[tepples]

Google and Apple are not the internet.

They are, however, the publishers of the operating systems that run on the Internet terminals that most people keep closest to them most of the time.

Dentists also recommend cleanings every 47 days

[SubmergedInTech]

And please change your car's oil every 47 days.

For the exact same reason.

Re:

[Anonymous Coward]

Well see, the US expired with the 47th president and now needs a reset. So the number makes sense.

Re:

[thegarbz]

I often see references to frequent oil changes. Question: Did the concept of better oil and better engines miss America entirely? Car manufacturers (at least in Europe) have never in history recommended oil changes as infrequently as they currently do. In many cases it's not even done as part of yearly inspections anymore.

Outcome: more problems, few benefits

[Arrogant-Bastard]

1. Many organizations use change control (and most organizations should). Which means: changes to the production configuration require vetting via a process that's designed to try to stop broken changes from being deployed in a live environment. In other words, deployment is deliberately not automated because a human (or humans) are in the loop. This change represents a significant additional workload on those humans, and one of the ways that many humans respond to such an increase is to get annoyed by the extra work and start finding ways to shortcut the process. In other words, you can expect people to be very diligent when they only have to do something once a year, but every 45 days? Not so much.

2. Other organizations will resort to automation, which will in turn make supply-chain attacks that leverage the automation much more attractive. I'll predict that within a year of this change going live we'll see just such an attack.

3. This isn't going to significantly increase aggregate security, because -- for the most part -- certificates aren't the security problem. Bad software, e.g. WordPress, that's widely deployed and poorly maintained is a much bigger problems.

4. The argument that this will stop some cryptographic exploits is weak, at best. The primary threats in that space are nations, and this change won't really affect them -- because they have far more resources than defenders, and they can readily deal with an 8X decrease in certificate duration by allocating 10X the computing power. (Which, since they're no doubt aware of this year-long debate, and since they know when this goes into effect, they have plenty of time to plan and execute.)

When will this apply to CA certs

[Anonymous Coward]

And while we're on the topic, DNSSEC certificates?

I agree with poster #4 (or somewhere at the beginning of this discussion) that I'm going to build a new internal CA and give it a 100 year lifetime, then build a sub(signing) CA and give it a 50 year lifetime, then as my internal certificates expire, I'll renew them for 50 years and be done with them for the rest of my career.

As an aside, how often do you rotate your certificate keys? Do you use them only once, or do you renew your certs with the same keys

This is going to make things less secure

[rsilvergun]

Because when an API has a choice between weak password authentication and stronger certificate authentication they're going to pick the password authentication when this shit gets crammed down their throats.

And for anyone saying there's no reason for an API to invalidate its certificates every 47 days, as soon as the one-year limit hit every API I work with and there's several switched to that. So the 47-day one is next.

Re:

[ls671]

When an API can use weak passwords, it can also generate its own certificate independently from any web certificate authority like for example, openvpn with easyrsa which generates its own certificate independently so your point is really moot. For web certificates used for access for the public at large, there is no weak password option. Furthermore, for internal web sites, you will still be able to generate your own certificates internally and independently and have them last several years if you wish. Th

Re:

[jsonn]

Your post makes no sense. Please think again who is using what kind of certificate for which purpose...

DV CAs are redundant and dangerous

[WaffleMonster]

The CA scheme for DV is needlessly dangerous and redundant and needs to end. Existing schemes like ACME are still based entirely upon insecure indications from insecure protocols.

There is no reason for global overlapping trust anchors to exist in the first place. This only creates more avoidable avenues for global compromise with zero commensurate benefit.

More importantly it is redundant for a third party to seek to independently establish domain ownership when this function should just be a function of the domain registrar which already has an existing relationship with the domain owner. There was never any reason for CAs to insert themselves into the process in the first place. It used to be in the early days the CAs would validate you as an organization but that quickly devolved into a lights out process involving placing files in folders and servers making insecure HTTP requests to retrieve those files.

Neither do I accept the legitimacy of a handful of corporations voting for a change that has substantial global administrative impacts on countless millions of the worlds operators without any substantive outreach, study or consensus.

Personally I will be working to advocate for expansive use of PAKEs as an alternative to global trust anchors. Most every website worth securing has some form of independent trust relationship with the user. The insecure and dangerous universal practice of authentication via adhoc web forms in plain text over TLS has lead to unnecessary and substantially avoidable mass ownage via phishing related exploits. The utilization of secure authentication based on zero knowledge proofs is far more secure than DV certificates.

Most sites and internal applications should have never required PKI in the first place. This was always something that has been dominated by band-aids and inertia. A series of decisions that were rational at the time yet in totality have become untenable.

Global trust anchors should only have ever been used sparingly as onramps for service discovery and onboarding. It was always foolish to aggregate so much responsibility into the hands of the few with global potentially catastrophic consequences. It is past time to end DV certs as we know them.

Re:

[jsonn]

ACME with a sane CA is about as strong as DV can get. If you implement DNSSEC and use the DNS-01 challenge type, you have a trust chain for the ACME challenge itself. I'm going to ignore the rest of the rant as pointless.

Re:

[WaffleMonster]

ACME with a sane CA is about as strong as DV can get.

ACME is STILL based on INSECURE indications from INSECURE protocols. This isn't strength, it is a PATHETIC joke.

If you implement DNSSEC and use the DNS-01 challenge type, you have a trust chain for the ACME challenge itself.

If everyone had DNSSEC there would be no need for DV CAs and this would all be MOOT.

I'm going to ignore the rest of the rant as pointless.

If you have nothing to say keep your mouth shut.

Re:

[jsonn]

It's funny when someone proves you wrong and you just continue ranting. Here's a fish, maybe return to your bridge...

Stupidest Thing Ever

[STRICQ]

What will happen from this is tons of sites constantly going down for expired certs. Very insecure and easily hacked renewal scripting that will fail and bring down sites. Or site just going back to http forcing browsers to resupport it. I support a number of sites with certs and it's already a PITA for the yearly renewals.

Licensing servers

[strUser_Name]

An even more centralized internet.. Somehow this feels more and more like web servers are just clients that required a central licensing server in order to operate. They cannot function on their own. They need to ping the mother server in a timely fasion, or else they time out. Something doesn't feel right about this. Feels like sacrificing freedom over security. Which is not bad by itself perse. It's a ballance, I guess. But where do you think this line should be drawn? Why not do 7 days?

23.5% of the previous lifespan...

[DrStrangeLug]

.... 23.5% of the previous cost...? No? I thought not.

Does this solve a real problem?

[henrik stigell]

Does this solve a real problem? That old certificates are "cracked"?

It's not only websites that use TLS

[quetwo]

As the CA/Browser forum said in their response to this, they feel automation is the key. Protocols like ACME do exist, but really only exist for web servers.

People forget that it's more than websites that exist on the internet that use PKI infrastructure. Your printer sitting on your desk -- that's got embedded certs. Have a phone? Yup, that has certs loaded into it as well to do encrypted phone calls. LDAP servers, directory servers, mail servers, API servers, game servers, etc. Hell, that IoT lightbu

break everything

[groobly]

Break everything every few months. You must upgrade today today, right away, today.

Makes everything more fragile

[bradley13]

Instead of a chance to break once per year, now your certificate process can break every 47 days, or even more often.

For a lot of services, even most services, this is overkill. How about letting each service decide?