this post was submitted on 16 Dec 2024
16 points (100.0% liked)
Security
5068 readers
1 users here now
Confidentiality Integrity Availability
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So is this specifically for less trusted transition certs, to provide encryption when the old cert is known to be compromised and the new cert isn’t fully deployed yet?
Interested amateur disclaimer!
Fast rotating certificates always more secure because the timeframe between beach discovery and system inherent revoke is shorter.
How big the impact in terms of real life is I can't even guess because of the (from my perspective) weird circumstances they must happen to depend on the certificate lifetime itself.
I guess it's just one of these "every but helps" factors more than specific use cases.