Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies.

The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to align with CA/Browser Forum requirements.

tech

Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies.

The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to align with CA/Browser Forum requirements.