In a move aimed at bolstering data security, Google has taken the step of shortening the maximum lifespan of Transport Layer Security (TLS) certificates.
Concurrently, Microsoft is planning to phase out support for older versions of TLS, the encryption protocol used to safeguard data transmitted over networks and the internet, with a focus on promoting TLS v1.2 and 1.3 for heightened security. Commencing this month, Microsoft will deactivate TLS v1.0 and v1.1 by default in the Windows 11 Insider Preview, with broader deactivation planned for future Windows versions. This decision aligns with industry standards and pushes organizations towards automation for improved certificate management and enhanced security agility.
Although this shift to TLS 1.3 adoption brings performance benefits and elevated security, it also raises concerns regarding traffic visibility. As more organizations adopt TLS 1.3 and DNS-over-HTTPS, the inspection of network traffic may become challenging, potentially hindering threat detection. Consequently, solutions are being sought to restore visibility within the encrypted network landscape.
While TLS vulnerabilities remain infrequent, it is crucial to uphold updated encryption practices to ensure comprehensive security. The move towards shorter TLS certificate lifetimes not only aligns with industry standards but also encourages automation, fostering better security practices in a rapidly evolving digital landscape.