Comment by lmz
2 days ago
While we're on the subject of cert lifetimes. Is there a longer lived, public CA-issued cert for TLS client purposes?
I sometimes deal with a relying party that insists on public CA issued certs for TLS client use, and then makes rotation very painful behind a portal with 2FA etc. This would be fine if public CAs issued certs for 5 years but they seem to be limited to 1 year now because of browser policy.
No comments yet
Contribute on Hacker News ↗