Skip to main content

State of the market: in the public certification authorities' world, TLS/SSL is no longer about certificates

Aug

23

2022

Time to read

Read so far

Written by: 

Scott Shetler

Time to read

Written by: 

915550_TLS Market is no longer about certificates_Blog Image_1000x420

Frost has released their latest Radar report on the TLS market, and the conclusion that jumps out of it is clear: The public TLS market is no longer about certificates.

Do you remember when the public certificates landscape was only about DV versus OV versus EV? We already commented in a previous post about the rapid-fire pace of our industry leading to constant changes to regulations and having a deep impact on the way certificates are consumed, but overall, there have been so many changes to the public trust landscape over the past 5 years, it would be almost pretentious to keep a full list.

The pandemic was probably one of the most recent drivers for this growth, but year over year what we saw happen that drove the biggest changes are:

  1. New players and new protocols in the market starting to issue DV certificates in volumes never seen before, turning all forecasts upside down and making the traditional, volume-based market share almost irrelevant.
  2. Initiatives promoting, enforcing, and supporting the use of TLS/SSL protocols, giving all website owners a reason to focus on always-on TLS/SSL, short-lived certificate and lifecycle automation instead of long-term, multi-domain certificates and manual installations.
  3. The development of cloud-based solutions, removing significant burdens to the deployment and maintenance of PKI-based use cases such as intranet security, machine identity, user authentication, and signing services.

These important transformations have deeply increased the number of certificates required by organizations, regardless of their geography or size. But most importantly, it highlighted two facts:

  1. The glaring need for secure online identities for everything: humans, computers, servers, etc., and for ways to verify and trust such identities.
  2. The incredible usefulness of PKI-based technology when it comes to securing and sharing these identities, which paved the way for new scenarios where public trust and PKI had a role to play (high-assurance document signatures being a wonderful example).

It’s therefore no surprise to see how the expectations toward public certification authorities shifted from traditional “certificate vendor” requirements to stronger needs for expertise and innovation across use cases.

In their latest report, Frost and Sullivan acknowledged this fact by opening up their market evaluation to more than just market share. It’s no longer about which TLS/SSL certificate a public certification authorities can provide, but about which use case they can support, how innovative they can be, and whether they are aligned with market needs from both a product and knowledge perspective. Most importantly, certificate management tools, features, and services are now as important as, if not more important than, the certificate product itself. The Frost Radar report states: “As the adoption of TLS certificates expands beyond web servers to IoT devices, email, digital signatures, and other applications, the number of certificates used by an organization accumulates. As a result, certificate management and automation capabilities have become absolute necessities.”

Being able to provide a full portfolio of services around public & private trust, including tools and supporting services, is the reason Entrust has been so successful in this market shift. We are committed to developing innovative solutions and going beyond the standard “certificate” thinking to focus on our customers’ growing needs for advice and support beyond TLS/SSL, especially when it comes to crypto-management, multi-cloud security, and machine identities.

Learn more about the 2022 Frost Radar on the TLS Market

Learn more about our Certificate Services

photo-scott-shetler
Scott Shetler
Senior Director, Product Management, Certificate Solutions
Scott Shetler has worked in Product Management of technology companies for 22 years, beginning in financial products and with the last 12 focused on cyber security and SSL. Scott oversees Product Management for the Certificate Services Enterprise portfolio of products and services.
View all of Scott's Posts
Facebook