What is the Certification Authority/Browser Forum (CA/B Forum)?
The Certification Authority/Browser (CA/B) Forum is a voluntary group of certificate authorities (CAs), vendors of internet browser software, and suppliers of other applications that use X.509 digital certificates for TLS/SSL and code signing. Since its creation in 2005, the Forum has defined standards for the CA industry based on industry best practices. These standards, called Baseline Requirements, are a set of technical and procedural policies that must be adhered to by all public CAs, whether they are or are not members of the Forum. These standards improve the ways that TLS certificates are used, benefiting users of the internet and securing their communications.
How Does the CA/B Forum Determine TLS/SSL Certificate Validity Periods?
The CA/B Forum determines TLS/SSL certificate validity periods according to a member voting process laid out in its governing bylaws. The current standard for maximum certificate validity is 397 days, or approximately 13 months, and was instituted on September 1, 2020. Prior to this date, certificates were valid for a up to 825 days.