Pulse of Truth

921 readers

46 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

[email protected]

Mandatory short duration TLS certificates are probably coming soon (utcc.utoronto.ca)

submitted 1 week ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

Comments

top 3 comments

sorted by: hot top controversial new old

[–] [email protected] 1 points 1 week ago

From the article:

"... a number of organizations that voted to abstain seem unenthused (and uncertain that it can actually be implemented), so this may not come to pass, especially on the timeline proposed here."

The proposed target is 2029. It's just a proposal. I don't think "probably" is warranted.

[–] [email protected] 1 points 1 week ago

questions I couldn't answer for myself:

who imposes these restrictions (not the CABF. browser vendor? OS? or some upper entity like whatwg?)
who will be affected (selfhosted environments?)

[–] [email protected] 1 points 1 week ago

With TLS certificates being close to free, or free, it seems like a good direction to go. Sure, nobody loves dealing with certs, but short expires help in safeguarding critical infrastructure identities. Seems like an overall positive change.