The CA/Browser Forum has approved a plan to reduce the maximum validity period of SSL/TLS certificates from 398 days to 47 days by March 15, 2029, in a bid to enhance internet security and encourage automation in certificate management. This transition will occur gradually, with incremental reductions starting in 2026, but has faced skepticism regarding its practicality and the lack of empirical evidence supporting its effectiveness. Proponents argue that shorter lifespans will enhance security by limiting the exploitation window of compromised certificates and fostering automated management solutions.

The article discusses the competitive landscape between Netscape and Microsoft during the browser wars of the mid-90s, particularly focusing on the development and standardization of the SSL protocol. It highlights the creation of SSL 3.0 by Netscape and the eventual evolution into TLS 1.0 through collaboration and negotiation with Microsoft and the IETF, addressing flaws and ensuring broader support. The narrative reflects on the historical significance and somewhat arbitrary nature of the changes made during this process.

Cloudflare's blog discusses the launch of the Azul Certificate Transparency log, designed to enhance security by allowing for better tracking and monitoring of SSL/TLS certificates. The log aims to help organizations detect misissued certificates and improve overall internet trustworthiness. Additionally, it highlights the importance of transparency in digital certificate issuance.

The CA/Browser Forum has voted to reduce the maximum lifespan of SSL/TLS certificates to 47 days by March 15, 2029, a significant decrease from the current 398 days. This change aims to enhance digital security by limiting the potential abuse of compromised certificates, though it is expected to increase the workload for IT administrators who must adapt to more frequent renewals.