Reduced lifespan of TLS certificates could cause increase in outages

2020-09-02 03:00

Beginning September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less.

Since many organizations lack the automation capabilities necessary to replace certificates with short lifespans at machine scale and speed, they are likely to see sharp increases in outages caused by unexpected certificate expirations.

"The interval between certificate lifecycle changes is shrinking, while at the same time, certificates lifecycles themselves are being reduced. In addition, the number of machines-including IoT and smart devices, virtual machines, AI algorithms and containers-that require machine identities is skyrocketing."

"Bocek continued:"If the interval between lifecycle changes continues on its current cadence, it's likely that we could see certificate lifespans for all publicly trusted TLS certificates reduced to 6 months by early 2021 and perhaps become as short as three months by the end of next year.

Ownership and control of these certificates often reside in different parts of the organization, with certificates sometimes shared across multiple layers of infrastructure.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Boy6ZmSEdnc/

#certificate #outage #TLS

News URL

Related news