[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029
Christian de Larrinaga
cdel at firsthand.net
Thu Apr 17 06:09:11 EDT 2025
Peter Gutmann <pgut001 at cs.auckland.ac.nz> writes:
> John Levine <johnl at iecc.com> writes:
>
>>I don't understand this objection. I have LE certificates which LE resigns
>>every 90 days. When it does that, the certificate's key doesn't change, only
>>the time stamp.
>
> The argument for doing this is that it limits the time available to an
> attacker for key compromise. If you're just re-signing the same key year in,
> year out then it's defeating the very thing that the constant-churn is
> supposedly good for.
>
> Peter.
Which suggests the architecture is itself introducing, even perpetuating
risk.
If a key is compromised it is compromised now. I don't see how waiting
an hour, let alone a few days, is protective given the nanosecond trading
frequencies out there.
At best this is a sop or, to be kinder, "risk mitigation", but it is not a
solution to the stated problem.
Kent has made an important point about honesty.
--
Christian de Larrinaga
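A check for the situation the quoted exchange describes, a renewal that re-signs the same key, added here as an example and not code from the thread or any CA tooling: it compares the SubjectPublicKeyInfo fingerprint of successive certificates and reports each one's lifetime in days. The self-signed test certificates, the `example.test` name and all function names are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// NewKey generates a fresh P-256 key, standing in for a real key rollover.
func NewKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// SPKIFingerprint hashes the DER SubjectPublicKeyInfo; equal hashes mean the same public key.
func SPKIFingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return hex.EncodeToString(sum[:])
}

// KeyReused is true when a renewal kept the previous certificate's key (only the dates changed).
func KeyReused(prev, next *x509.Certificate) bool { return SPKIFingerprint(prev) == SPKIFingerprint(next) }

// ValidityDays is the certificate lifetime in whole days, for comparing against a lifetime policy.
func ValidityDays(c *x509.Certificate) int { return int(c.NotAfter.Sub(c.NotBefore).Hours() / 24) }

// SelfSigned builds a constructed, in-memory certificate for key with the given lifetime.
func SelfSigned(key *ecdsa.PrivateKey, days int) *x509.Certificate {
	now := time.Now().Truncate(time.Second)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example.test"},
		NotBefore: now, NotAfter: now.Add(time.Duration(days) * 24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

func main() {
	k := NewKey()
	old, rolled := SelfSigned(k, 90), SelfSigned(NewKey(), 47)
	fmt.Println(KeyReused(old, SelfSigned(k, 90)), KeyReused(old, rolled), ValidityDays(rolled))
}
```

Run against real renewals by loading each PEM with `x509.ParseCertificate` instead of `SelfSigned`; a `true` from `KeyReused` means the shorter lifetime bought no key rotation.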