And you don't think that years ago people would have said "of course you'll be able to keep your security cert for more than two months"?

The people who innovate in security are failing to actually create new ways to verify things, so all that everyone else in the security industry can do to make things more secure is shorten the cert expiration. It's only logical that they'll keep doing it.