TLS certificate lifetimes will officially reduce to 47 days

Why 47 Days? 47 days might seem like an arbitrary number, but it’s a simple cascade: 200 days = 6 maximal month (184 days) + 1/2 30-day month (15 days) + 1 day wiggle room 100 days = 3 maximal month (92 days) + ~1/4 30-day month (7 days) + 1 day wiggle room 47 days = 1 maximal month (31 days) + 1/2 30-day month (15 days) + 1 day wiggle room Apple’s justification for the change In the ballot, Apple makes many arguments in favor of the moves, one of which is most worth calling out. They state that the CA/B Forum has been telling the world for years, by steadily shortening maximum lifetimes, that automation is essentially mandatory for effective certificate lifecycle management. The ballot argues that shorter lifetimes are necessary for many reasons, the most prominent being this: The information in certificates is becoming steadily less trustworthy over time, a problem that can only be mitigated by frequently revalidating the information. The ballot also argues that the revocatio ... Read full article.