Industry leaders gathered in Tokyo for the March 2025 CA/Browser Forum Face to Face meeting to discuss crucial updates in digital trust infrastructure. The meeting focused on three major developments that will shape the future of online security.

47-Day Certificate Lifespan

The SC-081 ballot, proposing to reduce SSL/TLS certificate validity periods to 47 days over four years, has passed as of April 11. This change represents a significant shift toward enhanced security measures and reduced risks associated with long-lived certificates.

Open MPIC Implementation

The Open Multi-Perspective Issuance Correlation (MPIC) project addresses DNS-based attacks during domain validation. Key features include:

• Multi-perspective DNS verification
• Reduced risk of DNS spoofing and cache poisoning
• Privacy-preserving framework
• Mandatory monitoring mode as of March 15
• Full implementation required by September 15, 2025

Legal Challenges and TROs

The forum addressed growing concerns about temporary restraining orders (TROs) interfering with certificate authorities' security operations:

• Recent case of a subscriber blocking BR-mandated revocation
• Need for protecting security processes from legal interference
• Development of internal protocols and legal readiness plans
• Industry-wide initiative to preserve mandated security rules

The Tokyo meeting demonstrated the critical role of collaboration in cybersecurity advancement. These updates reflect the industry's commitment to strengthening digital trust infrastructure while adapting to emerging challenges in the online security landscape.

Related Articles

Previous Articles