1、WhatWhat s up CAs?s up CAs?17th CA DaySeptember 25,2025Iigo Barreira CA Manager at Sectigo.ETSI ESI Vice-chair1.CA topicsa)47 days validity and 10 days domain validationb)PQCc)Automationd)clientAuthe)OCSP vs CRLsf)Multi-purpose CAsg)Transparency in the EU2.ETSI ESI update3.CA/Browser Forum updatea)W
2、Gs updateAgendaAgendaCA TopicsEnhanced securityLimiting outdated cryptographic standardsOperational efficiencyAgility and flexibilityAdoption of best practices47 days validity and 10 days domain validation 47 days validity and 10 days domain validation Why shorter TLS certificate lifecycles are a be
3、tter Why shorter TLS certificate lifecycles are a better choicechoiceEffective dateCertificate termDCV reuse periodData reuse periodToday398 days398 days825 days(EV 398 days)March 15,2026200 days200 days398 daysMarch 15,2027100 days100 days398 daysMarch 15,202947 days10 days398 days47 days validity
4、and 10 days domain validation47 days validity and 10 days domain validationTLS term stepTLS term step-downdown47-day TLS means 12x more workStep 1:Awareness&DiscoveryStep 3:Automation mappingStep 5:Crypto agilityStep 2:Vendor technology inventoryStep 4:Rollout plan4747-Day Survival ChecklistDay Surv
5、ival Checklist Quantum computing changes everything Threat to traditional encryption methods such as RSA and ECC Automation is the key to crypto agility in the quantum eraPQC PQC-2030:The ticking time bomb2030:The ticking time bombRobotic and automated processes Can lessen the IT skills gapCompanies
6、 that are often particularly short on IT skilled staff,are,those who arent moving forward with IT automation Automation implementation also requires skillsExisting staff refuse to automate,for fear of job securityProject management is an extra project A project might be difficult and more work befor