This article details the development and significance of the ACME protocol, which underpins Let’s Encrypt, an automated certificate authority. It explores the challenges of implementing encryption across the web and highlights the evolution of ACME in promoting widespread HTTPS adoption.

The CA/Browser Forum has approved a plan to reduce the maximum validity period of SSL/TLS certificates from 398 days to 47 days by March 15, 2029, in a bid to enhance internet security and encourage automation in certificate management. This transition will occur gradually, with incremental reductions starting in 2026, but has faced skepticism regarding its practicality and the lack of empirical evidence supporting its effectiveness. Proponents argue that shorter lifespans will enhance security by limiting the exploitation window of compromised certificates and fostering automated management solutions.