ZDNet

Let's Encrypt disables TLS-SNI-01 validation

Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...

Why October 1, 2026, could be the day SSL/TLS certificates break the Internet

The 200-day certificate limit starts March 15. Is your organization ready for the fallout?
SiliconANGLE

Security certificate lifespans to be reduced to 47 days by 2029 under new industry standard

The Certification Authority Browser Forum has voted to reduce Secure Sockets Layer/Transport Layer Security certificates to 47 days by March 2029, in a move that will radically alter existing security ...
Forbes

Digital Groundhog Day: The 47-Day TLS Certificate Mandate You Can’t Escape

Every digital transaction—checkout, login, API call—runs on a hidden foundation of millions of machine identities. Transport Layer Security (TLS) certificates, just one type of machine identity, are ...
CSOonline

Wildcard Certificate Risks and the ALPACA TLS Attack

What is the ALPACA attack? The application layer protocol content confusion attack (ALPACA) was first disclosed in June and presented at Black Hat USA 2021. To understand ALPACA, it’s helpful to ...
Dark Reading

Microsoft, Google Take on Obsolete TLS Protocols

Microsoft plans to disable older versions of the Transport Layer Security (TLS) protocol, the ubiquitous communications encryption used to protect information sent over networks and the Internet.