Starting next year: > Our longstanding offering won’t fundamentally change next year, but we are > going to introduce a new offering that’s a big shift from anything we’ve done > before—short-lived certificates. Specifically, certificates with a lifetime of > six days. This is a big upgrade for the security of the TLS ecosystem because > it minimizes exposure time during a key compromise event. > > Because we’ve done so much to encourage automation over the past decade, most > of our subscribers aren’t going to have to do much in order to switch to > shorter lived certificates. We, on the other hand, are going to have to think > about the possibility that we will need to issue 20x as many certificates as > we do now. It’s not inconceivable that at some point in our next decade we may > need to be prepared to issue 100,000,000 certificates per day...