[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029
John Levine
johnl at iecc.com
Wed Apr 16 13:23:02 EDT 2025
It appears that Peter Gutmann <pgut001 at cs.auckland.ac.nz> said:
>Peter Fairbrother <peter at tsto.co.uk> writes:
>
>>Is this a real security measure or just a boondoggle?
>
>It's a boondoggle, frantic activity to distract from having to solve the real
>problems, as well as plenty of scope for further changes of the time interval
>when the current one fails to have any effect. Arguably it'll actually make
>things worse since you're losing key continuity,
I don't understand this objection. I have LE certificates which LE resigns every
90 days. When it does that, the certificate's key doesn't change, only the time
stamp. I also have DANE TLSA records for the same certificates which do not
change because the key doesn't change.
The underlying issue is that browser vendors are not willing to do anything that
will make it even a little bit slower to load a web page. OCSP is slow, so nope.
DANE requires an extra DNS lookup, so nope. Browsers use static copies of the
Public Suffix List to prevent cookie stealing which are generally installed
along with the browser so their PSL is always out of date. The IETF DPRIVE
working group came up with ways to put easily updated PSL-like info in the DNS
but that would be an extra DNS lookup, so nope.
On the other hand the IETF invented the SVCB DNS record which combines what would
otherwise be several lookups into one, making it faster. Browser makers adopted
that in about 30 seconds.
R's,
John
More information about the cryptography
mailing list