In summary, the proposed certificate maximum lifetime:

- Domain Validation: from 398 to 90 days (same as the Let's Encrypt limit [1])

- Root CA: from 30+ to 7 years

- Subordinate CA: 3 years

[1] https://letsencrypt.org/2015/11/09/why-90-days.html

This makes the web unusable for semi-connected devices. An offline capable mapping app where the app expires so quickly is a nasty lurking time bomb.