Frost has released their latest Radar report on the TLS market, and the conclusion that jumps out of it is clear: The public TLS market is no longer about certificates.
Do you remember when the public certificates landscape was only about DV versus OV versus EV? We already commented in a previous post about the rapid-fire pace of our industry leading to constant changes to regulations and having a deep impact on the way certificates are consumed, but overall, there have been so many changes to the public trust landscape over the past 5 years, it would be almost pretentious to keep a full list.
The pandemic was probably one of the most recent drivers for this growth, but year over year what we saw happen that drove the biggest changes are:
- New players and new protocols in the market starting to issue DV certificates in volumes never seen before, turning all forecasts upside down and making the traditional, volume-based market share almost irrelevant.
- Initiatives promoting, enforcing, and supporting the use of TLS/SSL protocols, giving all website owners a reason to focus on always-on TLS/SSL, short-lived certificate and lifecycle automation instead of long-term, multi-domain certificates and manual installations.
- The development of cloud-based solutions, removing significant burdens to the deployment and maintenance of PKI-based use cases such as intranet security, machine identity, user authentication, and signing services.
These important transformations have deeply increased the number of certificates required by organizations, regardless of their geography or size. But most importantly, it highlighted two facts:
- The glaring need for secure online identities for everything: humans, computers, servers, etc., and for ways to verify and trust such identities.
- The incredible usefulness of PKI-based technology when it comes to securing and sharing these identities, which paved the way for new scenarios where public trust and PKI had a role to play (high-assurance document signatures being a wonderful example).
It’s therefore no surprise to see how the expectations toward public certification authorities shifted from traditional “certificate vendor” requirements to stronger needs for expertise and innovation across use cases.
In their latest report, Frost and Sullivan acknowledged this fact by opening up their market evaluation to more than just market share. It’s no longer about which TLS/SSL certificate a public certification authorities can provide, but about which use case they can support, how innovative they can be, and whether they are aligned with market needs from both a product and knowledge perspective. Most importantly, certificate management tools, features, and services are now as important as, if not more important than, the certificate product itself. The Frost Radar report states: “As the adoption of TLS certificates expands beyond web servers to IoT devices, email, digital signatures, and other applications, the number of certificates used by an organization accumulates. As a result, certificate management and automation capabilities have become absolute necessities.”
Being able to provide a full portfolio of services around public & private trust, including tools and supporting services, is the reason Entrust has been so successful in this market shift. We are committed to developing innovative solutions and going beyond the standard “certificate” thinking to focus on our customers’ growing needs for advice and support beyond TLS/SSL, especially when it comes to crypto-management, multi-cloud security, and machine identities.
Learn more about the 2022 Frost Radar on the TLS Market
Learn more about our Certificate Services