Comment by mike_d

18 hours ago

I have always been a bit puzzled by this. By issuing fixed length certificates you practically guarantee oscillation. If you have a massive traffic spike from, say, a CDN mass reissuing after a data breach - you are guaranteed to have the same spike [160 - $renewal_buffer] hours later.

Fuzzing the lifetime of certificates would smooth out traffic, encourage no hardcoded values, and most importantly statistical analysis from CT logs could add confidence that these validity windows are not carefully selected to further a cryptographic or practical attack.

A https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number if you will.

2 comments

mike_d

cpach 11 hours ago

There is a solution for smoothing out the traffic: RFC 9733, ACME Renewal Information (ARI) Extension

https://datatracker.ietf.org/doc/rfc9773/

mike_d 6 hours ago

That only addresses half the problem and is just a suggestion vs something clients can't ignore.