I just saw this great news: Let’s Encrypt Announces 6-day Validity Certificates
Let’s Encrypt, the non-profit certificate authority, has introduced six-day validity certificates, commonly referred to as short-lived certificates.
Shorter validity periods are great for security. Traditional certificates can last up to a year, meaning if they get compromised, they remain a threat for a long time. Short-lived certificates reduce the window of opportunity for attackers: even if a certificate gets compromised, it will become invalid in less than a week.
Josh Aas, Executive Director of Let’s Encrypt’s parent organization, the Internet Security Research Group (ISRG), emphasizes, “Short-lived certificates practically require automation… automating certificate issuance is crucial for improving security across the web.”
Oh yeah. I couldn’t agree more.