TLS Certificates and Root CAs (Certificate Authorities)—New Proposal to Upheave the PKI and CLM Industries

Earlier in March 2023, Google announced it had submitted to the CA/Browser Forum its intent to reduce certificate validity of all publicly trusted Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates from 398 days to 90 days and set maximum term limits for subordinate Certificate Authorities (CAs) at 3 years and for root CAs at 7 years. On average, root CAs can be used up to 30 years (sometimes more).

The argument behind this reduction is straightforward: shorter life spans and reduced term limits means faster rotation with newer assets in a bid to modernize the aging Public Key Infrastructure (PKI). Google has also proposed that Online Certificate Status Protocol (OCSP) services should be made optional, as they can reveal too much personal information about individuals’ browsing history. The company recommends the changes be reflected in the CA/Browser Forum Baseline Requirements for SSL/TLS server certificates. If the proposals are accepted, they will run parallel to the new standards the forum published in January 2023 for issuing and managing publicly trusted Secure/Multipurpose Internet Mail Extensions (S/MIME) certificates (used for email), which is set to come into effect on September 1.

While the proposals target certificates for web browser usage, there are a lot of other applications that use TLS, and to which the changes will also have to apply: Internet of Things (IoT) devices, server-to-server applications, Application Programming Interface (API) clients, scripts, mobile apps, etc., so private PKI enterprise usage will be affected as well. Companies like GlobalSign have already issued statements advising businesses to be prepared for major PKI changes later this year in relation to the TLS life spans, the new S/MIME standards, and Mozilla’s mandatory root changes (which will remove the SSL/TLS and S/MIME trust bits in roots when they are 15 and 18 years old, respectively).

In larger part, the push toward reducing lifetimes of CAs and certificates is one of modernization focused on crypto agility. The PKI infrastructure is an aging one, and certificate life spans have been progressively shortened over the last few years. Shortening life spans also means less need for revocation, and therefore OCSP, which is a much-maligned, resource-intensive process. Some vendors view ditching OCSP as a way to free up signing capacity and API bandwidth, certainly an advantageous benefit.

But the bigger picture is one that looks toward a Post-Quantum (PQ) world. As the U.S. National Institute of Standards and Technology (NIST) slowly but surely advances toward choosing algorithms for Post-Quantum Cryptography (PQC) standardization, the work around PQ upgrades to existing standards, specifications, and reference architectures is in full swing. Vendors are actively seeking to solve pressing implementation issues, and notably the development of hybrid certificates for PKI during the PQ migration. This is expected to take time, and vendors recognize that there is an urgency to modernizing PKI before Y2Q.

There is no doubt that these changes will provide ample opportunities for PKI and Certificate Lifecycle Management (CLM) providers to offer new solutions. Automation and PQ-readiness will be key attributes of these new platforms. But equally, this push toward crypto agility will also enable providers to better target the lucrative markets around IoT devices (both identity and secure communications) and cloud migration. The PKI industry has had trouble articulating the importance of its technology for IoT device users in particular; the message needs to be more about automation, scale, and flexibility than one that speaks to IoT as a separate market sitting in parallel to the rest (browser, email, etc.).

In a similar fashion, cloud migration is prompting providers to offer distinct PKI service capabilities that go beyond the established managed PKI market; notably through offering self-service platforms (PKI-as-a-Service (PKIaaS) and CLM-as-a-Service (CLMaaS)) that abstract all the complexities of those technologies, while still providing a certain level of control and granularity to users. In effect, this is where automation for the renewal of certificates becomes a key sticking point.

Ultimately, the PKI industry has little choice but to onboard changes if it wants to stay relevant as a trust technology. In so doing, it will also be able to answer the needs of digital transformation more fully. But more than that, it may well reduce some of the unwieldiness of existing implementations to create a more streamlined and efficient ecosystem.