Biometric data of 1M leaked via an unsecured Suprema owned database

From zdnet.com

istock-689019766-1.jpg

Google wants to reduce the lifespan of SSL certificates (used to secure HTTPS encrypted traffic) from the current two years to just over a year.

The proposal was made by Ryan Sleevi, Google’s representative, at a F2F meeting of the CA/B Forum in Thessaloniki, Greece, in June.

The CA/B Forum is an unofficial industry group made up of certificate authorities (CAs; companies that issue SSL certificates) and browser makers.

NO VOTE HAS BEEN HELD YET

Per Sleevi’s proposal, starting with March 2020, the lifespan of all newly issued SSL certificates would become 397 days (roughly a year and a month) instead of the current 825 days (about two years and three months).

No vote was held on the proposal; however, most browser vendors expressed their support for the new SSL certificate lifespan.

Read more…