September 2023 Update: Marking a nearly seven-year process and the final steps towards the world’s first post-quantum cryptography standards, the U.S. National Institute of Standards and Technology (NIST) released draft standards for quantum-safe algorithms on Aug. 24, 2023.
The transition to quantum-safe cryptography will hinge on two steps: inventorying all cryptographic assets and achieving crypto-agility through automation and centralized management. DigiCert’s customers investing in crypto-agility have deployed DigiCert® Trust Lifecycle Manager, which provides a comprehensive solution to discover, manage and automate digital trust across their organization.
For additional guidance on preparing for the transition to quantum cryptography, please refer to this blog.
Certificate lifetimes have been getting shorter for years, and some companies even use certificates for as little as a day or less. While at DigiCert we can and have supported certificates with lifetimes of just hours through our APIs, we also know that most organizations do not have the certificate agility to do that.
Companies first need to implement automation and test their systems before the security benefits of short-lived certificates can outweigh the cost of an increased certificate lifecycle management workload. So in today’s post we’ll dive into how short-lived certificates and automation go hand in hand to increase security and ensure compliance with best practices.
Shorter certificate lifetimes are intended to increase security and address problems such as making revocation smoother and enabling policy agility. Shorter-lived certificates minimize the window of opportunity for potential attackers to exploit compromised or stolen certificates. Additionally, traditional revocation methods have drawbacks. When replacing certificates with longer lifetimes, it can be challenging to respond quickly, especially without automation. Certificate revocation lists (CRLs) are too large for everyone to download, and the Online Certificate Status Protocol (OCSP) has the risk of signaling to network snoopers what websites are being visited. OCSP responses and CRLs have lifetimes of 24 to 48 hours on average, and once signed remain valid for their entire lifetime. So that sets the limit on how long a revoked certificate can continue to be accepted today.
From time to time, adjustments need to be made in how the Web PKI is run. At the CA/Browser (CA/B) Forum, these changes are regularly discussed and there is a trend of lifetimes continuing to shrink from three to two to one year. Now Chrome has proposed 90-day certificate validity periods. However, implementing even relatively minor changes across the entire industry takes about a year to allow for proper communication, awareness, testing and execution. With certificate lifetimes now at one year, matching the typical time period of DNS registrations, certificate lifetimes are no longer the long pole for policy changes.
Furthermore, Chrome has not confirmed the move to 90-day certificates nor specified any timeline for this proposal. Chrome is currently seeking community feedback on this decision.
It is not clear that moving to 90 days is the best next step for improving the agility of the web PKI. Improving revocation requires certificates that are much shorter lived, on the order of days to a week. Moving to 90-day certificates does not improve revocation and is still too long a period for a compromised certificate to exist. An alternative method of handling revocation is to simply issue certificates with a lifetime of a week or less. Such certificates don't necessarily need revocation information, since they will expire before it would be useful. At the same time, moving to certificate lifetimes of a week or less will require more automation adoption in the industry first.
Automated processes enable the revocation and replacement of compromised certificates within minutes, minimizing the potential impact on your systems and reducing downtime. We’ve been encouraging customers to implement automation for several years now and the best time to start automating PKI is now. According to our PKI automation survey, 91% of organizations are at least discussing PKI automation, but only 24% are already implementing or using an automation solution. We recognize that for the organizations that still haven't adopted automation it is difficult to deploy widely across all possible devices and endpoints within a large enterprise.
But with shorter-lived certificates, automation will be essential, as certificates cannot be manually replaced, at scale, on a weekly basis. Customers who want to experiment with short-lived certificates will need an automation solution in place to handle the load. Luckily, automation technologies like ACME have been rapidly improving over the past five to 10 years. Once an organization moves to automation, future certificate replacement is much less painful, and experimenting with short-lived certificates is possible. Some DigiCert customers already use short-lived certificates in conjunction with DigiCert's automation.
Furthermore, there are still many challenges that need to be addressed before these technologies could be ubiquitous. In addition to the issues around deployment, Certificate Transparency logs would need to be upgraded to support the additional load. DigiCert is planning to work through the IETF to propose additional improvements to Certificate Transparency that could reduce the load due to short-lived certificates and make them more practical.
When preparing to implement automation for your PKI management, we recommend the following steps: 1) identify your current certificate landscape, 2) remediate keys and certificates that are not compliant with corporate policy, 3) protect your certificate inventory with best practices and 4) continually monitor your certificate infrastructure to be able to respond quickly and efficiently if any issues do arise. The same goes for certificate workflows: start with identification, then adoption and follow up with continuous monitoring. For more details, read our post on best practices for automating PKI.
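As an added illustration of the identify, remediate and monitor steps above (example code written for this post, not DigiCert's tooling), the script below audits a constructed certificate inventory against an assumed corporate policy and also reports, per the OCSP/CRL lifetimes discussed earlier, how long a revoked certificate could still be accepted. The policy thresholds, hostnames and dates are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Policy thresholds: assumptions for this example, not any CA's or the CA/B Forum's.
MAX_LIFETIME_DAYS = 90          # longest lifetime corporate policy allows
MIN_RSA_BITS = 2048             # anything below is flagged for remediation
RENEW_FRACTION = 1 / 3          # renew once less than a third of the lifetime remains
STATUS_VALIDITY = timedelta(hours=48)   # upper end of the 24-48h OCSP/CRL lifetime

@dataclass
class CertRecord:               # what a discovery tool would have collected
    host: str
    not_before: datetime
    not_after: datetime
    key_type: str
    key_bits: int

def audit(inventory, now):
    """Return {host: [findings]}; an empty list means compliant and not yet due."""
    report = {}
    for c in inventory:
        findings, life = [], c.not_after - c.not_before
        if life > timedelta(days=MAX_LIFETIME_DAYS):
            findings.append("lifetime-exceeds-policy")
        if c.key_type == "RSA" and c.key_bits < MIN_RSA_BITS:
            findings.append("weak-key")
        if now >= c.not_after:
            findings.append("expired")
        elif c.not_after - now <= life * RENEW_FRACTION:
            findings.append("renewal-due")      # automation should renew now
        report[c.host] = findings
    return report

def worst_case_acceptance(c, now):
    """Longest a certificate revoked at `now` may still be accepted: the cached
    status response lifetime, capped by the certificate's own remaining lifetime."""
    remaining = max(c.not_after - now, timedelta(0))
    return min(STATUS_VALIDITY, remaining)

UTC = timezone.utc
NOW = datetime(2023, 9, 15, tzinfo=UTC)     # constructed audit time
INVENTORY = [                                # constructed sample inventory
    CertRecord("www.example.test", datetime(2023, 8, 1, tzinfo=UTC), datetime(2023, 10, 30, tzinfo=UTC), "RSA", 2048),
    CertRecord("legacy.example.test", datetime(2022, 12, 1, tzinfo=UTC), datetime(2023, 12, 31, tzinfo=UTC), "RSA", 1024),
    CertRecord("api.example.test", datetime(2023, 9, 10, tzinfo=UTC), datetime(2023, 9, 17, tzinfo=UTC), "EC", 256),
    CertRecord("old.example.test", datetime(2023, 5, 1, tzinfo=UTC), datetime(2023, 7, 30, tzinfo=UTC), "RSA", 2048),
]

if __name__ == "__main__":
    for host, findings in audit(INVENTORY, NOW).items():
        print(f"{host:22} {findings or 'ok'}")
    for c in INVENTORY:
        print(f"{c.host:22} revoked-but-accepted up to {worst_case_acceptance(c, NOW)}")
```

Note that the 7-day certificate for api.example.test is already in its renewal window two days before expiry, which is the cadence that makes automation mandatory rather than optional.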
If your company is considering PKI automation, DigiCert's automation solutions are designed for easy implementation and management. Explore DigiCert's automation solutions at /trust-lifecycle-manager#overview.