JANUARY 2025
Domain validation: new procedures for Certification Authorities (CAs)
Starting from 2025, the domain validation landscape will undergo significant changes that will affect how organizations manage their SSL certificates. The new regulations for domain validation, established by the CA Browser Forum, concern the procedures followed by Certification Authorities (CAs) for issuing SSL certificates.
What will change from 15 January 2025?
Certification Authorities (CAs) can no longer use domain contact information obtained through websites in the certificate issuance process. This measure ensures that the information is always up-to-date and accurate. Updated data (no older than 48 hours) will be required from WHOIS and RDAP protocols to gather information about domains. Therefore, CAs will need to query the appropriate servers through these protocols, ensuring the reliability and precision of the data used.
What will happen after 15 July 2025?
CAs are no longer allowed to use, for domain validation purposes, methods based on email, fax, SMS, or calls to a generic Domain Contact. Additionally, validations previously carried out using this method cannot be reused for issuing new certificates.
What will be required of Organizations
These changes require organizations to adapt their digital security certificate management processes, ensuring that all new requests comply with updated directives. The new measures will strengthen the security and integrity of online domains, although they will require companies to update their domain information management practices.