The 2 previous attempts to reduce certificate lifetimes to 1 year came with Ballot 185 in Feb 2017 and then Ballot SC22 in Sep 2019. You can read all of the details on both of those in my blog Ballot SC22: Reduce Certificate Lifetimes, but in both ballots the support from CAs was poor whilst the support from browsers reached 100% in the second ballot.
Certificate lifetime capped to 1 year from Sep 2020
With 100% support from the browsers in the second ballot there was a clear sign that they wanted this, and with very good reasons too. I have a blog post going back 2 years on Why we need to do more to reduce certificate lifetimes so if you're interested in some of the reasons then you can check them out there, but there are some very good reasons that have only become more important over time.
The CA/B Forum met in Bratislava this week and at that meeting, Apple announced their plans to enforce a maximum lifetime on TLS certificates of 398 days. Any new certificate issued from this date can only have a maximum lifetime of 398 days or it will not be accepted as valid by Apple in applications like Safari. With Safari hovering around 18% of the browser market share, they're definitely big enough to enforce a change like this on their own, but I fully expect other browser vendors to follow suit with their own requirements and signal their support for Apple. This change will not impact any existing certificates so there's no need to panic, you will simply only be able to obtain 1 year certificates from Sep 1st 2020.
Of the sites presenting certificates to the crawler, 25% will need to renew with a shorter certificate from 1st Sep 2020, as they're currently using one longer than the 398-day maximum. It's not just me looking at this either: Paul Calvano did an analysis using a different data set from HTTP Archive and came back with the exact same 25% figure for certs that will be too long!
That data covers over 5 million websites so it's nice to see my findings backed up by other independent work. It seems quite a few people will be in for a surprise come Sep 2020 if they still want their longer certificates! I will keep an eye on this number over the months leading up to the change and then in the months following to see how soon the industry shifts to 1 year certs.
On September 1, all Certificate Authorities are required to stop issuing 2-year TLS/SSL certificates. The new industry-allowed maximum validity will be 1 year (398 days). DigiCert is limiting the maximum certificate validity to 397 days to account for differences in time zones. This change applies to all publicly trusted TLS/SSL certificates.
Any pending 2-year certificates that have not been issued by August 27 will follow the new rules. The future certificate can only have a maximum of 397 days, and the balance of time can be claimed by issuing a new certificate for the remaining duration. Any 2-year certificates issued by August 27 will remain valid until expiration without any modification or replacement. However, as we are unable to reissue 2-year certificates after August 27, any reissues made after that date will be reduced to 397 days.
DigiCert Multi-year Plan certificates allow your customers to place a TLS/SSL certificate order for up to six years. Although these certificates will still need to be replaced annually per industry guidelines, your customers can eliminate the hassle of annual renewal payments and plan for renewals at their convenience without losing time they have paid for. Multi-year Plan support is available for 2- to 6-year orders.
The goal is to create a more secure web environment. By reducing the certificate lifetime to a maximum of 398 days, or roughly 1 year and a month, it forces administrators to rotate certificates more frequently.
Some vendors still allow you to purchase multi-year certificates. How does that work then? Well, you'll get a discount for the multi-year purchase, and every year they'll send you a new certificate to replace the previous one.
Last year, members at Google initiated a ballot to reduce the maximum certificate lifetime to 1 year. Ballots are run through the CA/B Forum, the industry body that groups SSL issuers, browsers, other important stakeholders, etc.
Even though no consensus could be reached through the CA/B Forum, because the browsers that hold 80%+ of the market share agreed to limit the certificate lifetime, the issuers of certificates have no choice but to follow along.
This change will affect only TLS server certificates issued from the Root CAs preinstalled with iOS, iPadOS, macOS, watchOS, and tvOS. Additionally, this change will affect only TLS server certificates issued on or after September 1, 2020; any certificates issued prior to that date will not be affected by this change.
In February at the CA/Browser Forum in Bratislava, Slovakia (and later officially), Apple announced that starting September 1st, the maximum TLS certificate lifetime in Safari (and probably in the whole of macOS and iOS and all apps) will be just 1 year: 398 days exactly. Apple's change has since been followed by both Chrome and Mozilla. That's very good news. But why?
Apple has effectively done what the majority of certification authorities didn't want to do: shorten the maximum validity of issued certificates to circa one year. And even if other browsers had not announced anything similar (yet?), certificates valid for more than one year are basically dead. And by certificates I mean leaf certificates issued by publicly trusted certification authorities.
Maximum TLS certificate lifetime in browsers today is 825 days (a bit more than 2 years), was 39 months (3 years, 3 months) up until March 2018, and in the early days you could have a certificate for 5 years or even 10. EV certificates were always capped at 2 years maximum (825 days since March 2018, 27 months before).
In September 2019, a ballot reducing lifetimes of all certificate types to just 398 days failed. All browsers from the CA/B Forum voted yes but only a third of the CAs liked the idea and that was not enough.
Regardless of the outcome of the ballot, some CAs have decided to limit the maximum validity of issued TLS certificates to 1 year anyway. Let's Encrypt has been issuing 90-day certificates (and recommending renewal after 60 days) since day one.
If you want your certificate to be trusted in Safari (and probably other macOS/iOS browsers too) after September 1st, 2020, you'll need to use a certificate issued for 1 year or less. Otherwise your users might see errors like NET::ERR_CERT_VALIDITY_TOO_LONG when visiting your site.
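The rule described above (a 398-day cap for certificates issued on or after September 1st, 2020, 825 days for those issued from March 2018, and 39 months before that) is easy to get wrong by counting from the wrong date or by treating the cap as a strict inequality. The following is an added example, not code from any of the posts quoted on this page: it computes which cap applies from a certificate's notBefore date, reports whether the notBefore/notAfter span fits, and estimates the share of a set of certificates that would be too long under the new cap, the kind of figure the crawler surveys above produced. The cut-off dates are treated as midnight UTC, a simplification of the actual policy wording, and the sample certificates are constructed for the example.

```python
from datetime import datetime, timedelta, timezone
from typing import List, Tuple

# Policy cut-offs as described in the text, treated as midnight UTC (a simplification).
CAP_398_FROM = datetime(2020, 9, 1, tzinfo=timezone.utc)   # Apple/Chrome/Mozilla and the BR ballot
CAP_825_FROM = datetime(2018, 3, 1, tzinfo=timezone.utc)   # 825-day cap in force before that
LEGACY_MONTHS = 39                                         # earlier cap: 39 months


def utc(year: int, month: int, day: int) -> datetime:
    """Build a timezone-aware UTC datetime (certificate validity fields are UTC)."""
    return datetime(year, month, day, tzinfo=timezone.utc)


def _add_months(d: datetime, months: int) -> datetime:
    """Add calendar months, clamping the day to the end of the target month."""
    y = d.year + (d.month - 1 + months) // 12
    m = (d.month - 1 + months) % 12 + 1
    first_of_next = datetime(y + m // 12, m % 12 + 1, 1, tzinfo=d.tzinfo)
    last_day = (first_of_next - timedelta(days=1)).day
    return d.replace(year=y, month=m, day=min(d.day, last_day))


def max_validity(not_before: datetime) -> timedelta:
    """Longest validity a publicly trusted leaf certificate issued at not_before may have."""
    if not_before >= CAP_398_FROM:
        return timedelta(days=398)
    if not_before >= CAP_825_FROM:
        return timedelta(days=825)
    return _add_months(not_before, LEGACY_MONTHS) - not_before


def check_lifetime(not_before: datetime, not_after: datetime) -> Tuple[bool, int, int]:
    """Return (compliant, actual_days, allowed_days).

    The validity period is notAfter minus notBefore; a period equal to the cap
    is still accepted, only a longer one is rejected.
    """
    allowed = max_validity(not_before)
    actual = not_after - not_before
    return actual <= allowed, actual.days, allowed.days


def fraction_too_long(certs: List[Tuple[datetime, datetime]],
                      as_of: datetime = CAP_398_FROM) -> float:
    """Share of certificates whose validity exceeds the cap that applies from as_of.

    This mirrors the crawler question in the text: how many currently deployed
    certificates are longer than what a renewal after 1st Sep 2020 may be?
    """
    if not certs:
        return 0.0
    cap = max_validity(as_of)
    too_long = sum(1 for nb, na in certs if na - nb > cap)
    return too_long / len(certs)


# Constructed sample: eight (notBefore, notAfter) pairs, two of them 2-year certificates.
SAMPLE_CERTS = [
    (utc(2020, 1, 10), utc(2021, 1, 9)),    # 365 days
    (utc(2020, 3, 1), utc(2022, 6, 4)),     # 825 days, the old maximum
    (utc(2020, 5, 15), utc(2020, 8, 13)),   # 90 days (Let's Encrypt style)
    (utc(2019, 11, 20), utc(2021, 11, 19)), # 730 days
    (utc(2020, 6, 1), utc(2021, 6, 1)),     # 365 days
    (utc(2020, 7, 7), utc(2021, 8, 9)),     # exactly 398 days
    (utc(2020, 4, 4), utc(2020, 7, 3)),     # 90 days
    (utc(2020, 8, 31), utc(2021, 8, 31)),   # 365 days
]


if __name__ == "__main__":
    for nb, na in SAMPLE_CERTS:
        ok, actual, allowed = check_lifetime(nb, na)
        print(f"{nb.date()} -> {na.date()}: {actual} days, cap {allowed}, "
              f"{'ok' if ok else 'TOO LONG'}")
    print(f"share too long under the 398-day cap: {fraction_too_long(SAMPLE_CERTS):.0%}")
```

To feed a real certificate in, read its dates with `openssl x509 -in cert.pem -noout -dates` and pass the parsed notBefore and notAfter to `check_lifetime`. Note that the cap is selected by the issuance date, so a 2-year certificate issued in August 2020 is reported as compliant, exactly as the posts above say it remains valid, while the same period on a certificate issued in September 2020 is flagged.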
Capping certificate lifetimes in browsers was sort of expected, but I was personally betting on Chrome being the first. Google announced the same certificate lifetime change in June, followed by Mozilla in July.
The same month, a ballot passed that changed the Baseline Requirements to say that beginning September 1st, 2020, CAs must not issue certificates with lifetimes longer than 398 days. Some authorities couldn't really be bothered and issued roughly a hundred certificates with longer lifetimes anyway.
Seems the surest thing to do is wait until the certificate expires and create a new one with new keys. And waiting 1 year at worst is still much better than waiting 2 years at worst. But even waiting 1 year is too long so we should further continue with capping the lifetimes.
Long story short, we want certificates with shorter lifetimes and Apple has sort of managed to cap them at 1 year, thanks! There are almost no reasons left to purchase 2-year certificates now, and while you can still do it, soon you won't want to. Buying them would equal throwing money out of the window and there are better things to spend it on. Like Scott's HTTPS training. Or mine if you're in CZ. Or ?. Or all of it.
28 February 2018 marked the last day that organizations could purchase certificates with a three-year validity period, and 31 August 2020 was the last day organizations could purchase certificates with a two-year validity period. All SSL/TLS certificates issued on or after 1 September 2020 have a maximum lifespan of approximately 13 months, a 51% reduction. This change is significant in that organizations will need to renew their certificates more often. Many security experts, including Hashed Out Editor-in-Chief Patrick Nohe, fear that this change will cause complexity involved in the re-issuing process and increase instances of certificate-related outages. In reality, the only organizations that should be worried are the ones with no visibility or control over their machine identities. If you have embraced automation and have a thorough knowledge of your keys and certificates, these shorter certificate lifecycles are a good thing.
The certificate ecosystem is not static. It's constantly changing, in large part due to the appearance of new threats. Take SHA-1, for example. CAs used to rely on the hash algorithm to generate certificate signatures. But then the algorithm got older and weaker, eventually forcing Chrome and other web browsers to no longer trust SHA-1-signed certificates back in 2015. In August 2020, a new malware emerged that targets SSH certificates. Shorter validity periods compel CAs and owners to stay on top of threat developments and reduce the need for unscheduled re-issuing. On the other hand, longer certificate validity periods make it easy for CAs to lose touch with the ever-changing certificate ecosystem and fall prey to new threats. This lack of action for extended periods of time could result in certificates going dark well before their expiration dates.
Organizations obviously want to avoid a key compromise but recognize that these incidents are always possible. Many organizations will frequently rotate their cryptographic keys, reducing the material encrypted with a single key and minimizing the potential impact of a single key compromise. Key rotation requires that organizations use a different key with their certificate, and such a change necessitates re-issuing a certificate. Shorter validity periods eliminate these concerns; enterprises can simply time the rotation of their keys to coincide with their certificates' expiration dates. Longer certificate lifetimes require organizations to take the time and money to request that CAs reissue their certificates far more frequently.