Let's Encrypt to Offer Short-Term TLS Certificates from 2025

Let's Encrypt, a popular Certificate Authority (CA), has filed a proposal with the Internet Security Research Group (IETF) to introduce shorter-lived TLS/SSL certificates with a validity period of just 45 days. This is a significant reduction from the current 398-day validity period. The proposal aims to improve security and reduce the attack window for cyber threats.

The shorter-lived certificates are designed to mitigate the risks associated with long-lived certificates, which can remain valid for nearly a year. By limiting the validity period to just 45 days, the attacker's window of opportunity to exploit a certificate is significantly reduced.

According to reports, Let's Encrypt plans to begin offering short-term TLS certificates in 2025. This change is expected to have a positive impact on network security and will likely become a standard in the industry.

In related news, Let's Encrypt has already been providing 90-day certificates, which need to be renewed or reissued before the validity period expires. While this can be convenient for users, it also increases the attack window for malicious actors.

In addition to the shorter-lived certificates, Let's Encrypt is also planning to offer 6-day short-term TLS certificates, which will be made available from next year (2024). These certificates will have an even shorter validity period, making them even more secure.

The introduction of short-term certificates is expected to be a positive development for the security of the internet. By reducing the attack window, it will be more difficult for malicious actors to exploit long-lived certificates and undermine the trust in online transactions.

The final goal of this new initiative is to improve the security of online interactions and promote a safer internet for everyone. By limiting the validity period of TLS certificates, Let's Encrypt is taking a significant step towards achieving this goal.