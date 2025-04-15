Network Security

Significantly reduced security certificate duration approved

SiliconAngle reports that the Certification Authority Browser Forum has approved to signficantly shorten the lifespans of SSL/TLS certificates from 398 days to just 47 days within the next four years in a bid to bolster internet security amid the growing prevalence of man-in-the-middle and phishing attacks, as well as the increasing adoption of automated certificate management.

Implementation of the abbreviated SSL/TLS certificate lifecycle will be phased, with validity to be cut to 200 days and 100 days in March 2026 and March 2027, respectively, before the final cut to 47 days in March 2029, according to the CA/Browser Forum, which also noted the importance of the changes to better adapt to post-quantum cryptography. "This much tighter lifecycle now forces organizations to stay proactive and vigilant about their certificate management to reduce the likelihood of breaches caused by stale or mis-issued certificates," said GlobalSign Vice President of Product Management Mohit Kumar, who emphasized organizations' immediate need to enlist automation vendors to keep up with the transition to reduced SSL/TLS certificate lifespans.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Related

Exploitation of Ivanti VPN flaw to achieve RCE detailed

Rapid7 researchers have disclosed how attacks aimed at vulnerable Ivanti Connect Secure VPN instances impacted by the critical flaw, tracked as CVE-2025-22457, could result in remote code execution less than a week after a Chinese threat operation was observed by Mandiant to have leveraged the bug, according to SecurityWeek.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Address Resolution Protocol (ARP)Berkeley Internet Name Domain (BIND)BridgeCall Admission Control (CAC)CellCut-ThroughDecapsulationDistance VectorDomain Name System (DNS)Dynamic Routing Protocol

You can skip this ad in 5 seconds