Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. It will certainly improve security and shrink the window of opportunity for bad actors to exploit compromised or stolen certificates and private keys. Unfortunately, it will also dramatically increase the time and energy required to manage TLS certificates. For organizations with only a handful of certificates, this … More → The post How Google’s 90-day TLS certificate validity proposal will affect enterprises appeared first on Help Net Security.

  • resetbypeer@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    7 months ago

    Lets encrypt has this already by default. Managing this means automation but with that you may shift the problem. When automation is done poorly (esp when least privileged access is not done correctly). Hence that IAM is one of the cornerstone’s of zero trust.

  • Renegade
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    Article takes a long time to say very little.

  • CubitOom
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    I didn’t read the article.

    Will this only affect sites that use Google as their CA or is this an issue when a site is viewed through chrome but has a cert that expires after 90 days?