Seth David Schoen
schoen at eff.org
Fri Jun 24 15:18:04 EDT 2016
Ron Garret writes:
> The whole idea of an expiration date (rather than an issue date)
> on a certificate is a sort of a scam by the CAs to coerce people
> into renewing (and hence paying for) their certificates on a regular
> schedule. I think some CAs don’t even enforce the use of a new key
> when a cert is renewed, which defeats the whole purpose.
Certificate expiry is useful if there isn't a way to check whether
a certificate has been revoked, or if some relying parties don't check
in practice, or if the revocation channel is unreliable.
It's also useful if certificate issuers think information in a certificate
may become inaccurate over time, but can't or don't continually check
whether the information has gone stale.
It's also useful, as you mentioned, if there's an ongoing risk of an
undiscovered private key compromise over time. In that case the private
key should be changed periodically.
Finally, certificate issuees rarely actively revoke certificates when
they're no longer relevant. If certificates didn't expire, there
would be an enormous pool of obsolete and disused certificates that
were still valid and could still potentially have their private key
out there somewhere (maybe in a backup or on a decommissioned server).
This also has operational consequences for CAs both in terms of OCSP and
CRLs: if the CA couldn't rely on expiry, it would have to keep signing
all unrevoked certificates for OCSP freshness and keep including all
revoked certificates in the CRL; both the lists of revoked and unrevoked
certificates could grow without bound, taxing CA resources and the
resources of CRL users. For example, VeriSign might still have an
ongoing requirement to publish fresh data about certificates from 1995.
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
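The two effects Seth describes, a fixed notAfter bounding the damage when revocation never reaches the client, and expiry letting a CA drop revoked certificates from its CRL so the list stops growing, can be made concrete with a small relying-party model. The following is an added example, not code from the post or from any CA or library; the Cert and Crl classes, the validate/prune_crl/exposure/crl_size functions and the constructed timeline are this example's own stand-ins (no real X.509 parsing or network fetches). The pruning rule it applies is the one RFC 5280 permits: a revoked certificate may be removed from the CRL once its own validity period has ended, because relying parties then reject it on notAfter alone.

```python
"""Toy relying-party and CA model for the expiry-versus-revocation argument.

Added example (not from the original post). Certificates, the CRL and the
timeline are constructed in-memory stand-ins; all names are hypothetical.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

T0 = datetime(2000, 1, 1, tzinfo=timezone.utc)   # constructed start of the timeline


@dataclass(frozen=True)
class Cert:
    serial: int
    not_before: datetime
    not_after: Optional[datetime]    # None models a certificate that never expires


@dataclass
class Crl:
    # serial -> notAfter of the revoked certificate (kept so entries can be pruned)
    revoked: dict = field(default_factory=dict)
    reachable: bool = True           # False models an unreachable revocation channel


def validate(cert: Cert, crl: Crl, now: datetime, soft_fail: bool = True) -> str:
    """Return "not_yet_valid", "expired", "revoked", "unknown" or "valid".

    Expiry is checked first and purely locally, so it still works when the
    CRL cannot be fetched. soft_fail=True mirrors the common client behaviour
    of accepting a certificate when the revocation check cannot complete.
    """
    if now < cert.not_before:
        return "not_yet_valid"
    if cert.not_after is not None and now > cert.not_after:
        return "expired"
    if not crl.reachable:
        return "valid" if soft_fail else "unknown"
    if cert.serial in crl.revoked:
        return "revoked"
    return "valid"


def prune_crl(crl: Crl, now: datetime) -> int:
    """Drop CRL entries whose certificate has expired; return the new size.

    Entries for certificates with no notAfter can never be dropped.
    """
    crl.revoked = {s: na for s, na in crl.revoked.items() if na is None or na > now}
    return len(crl.revoked)


def exposure(cert: Cert, years: int) -> int:
    """Years (sampled 30 days into each year) during which a compromised cert is
    still accepted by a soft-fail client whose revocation channel never works."""
    crl = Crl(reachable=False)
    return sum(
        1 for y in range(years)
        if validate(cert, crl, cert.not_before + timedelta(days=30 + 365 * y)) == "valid"
    )


def crl_size(years: int, issued_per_year: int, revoked_per_year: int,
             lifetime_days: Optional[int]) -> list:
    """Simulate a CA: each year it issues a batch, revokes `revoked_per_year` of
    that batch, and prunes the CRL just after year end. Returns CRL size per year."""
    crl, sizes, serial = Crl(), [], 0
    for y in range(years):
        issued_at = T0 + timedelta(days=365 * y)
        not_after = issued_at + timedelta(days=lifetime_days) if lifetime_days else None
        for i in range(issued_per_year):
            serial += 1
            if i < revoked_per_year:
                crl.revoked[serial] = not_after
        sizes.append(prune_crl(crl, issued_at + timedelta(days=366)))
    return sizes


if __name__ == "__main__":
    one_year = Cert(1, T0, T0 + timedelta(days=365))
    forever = Cert(2, T0, None)
    print("exposure with 1-year cert:", exposure(one_year, 10))
    print("exposure with non-expiring cert:", exposure(forever, 10))
    print("CRL size, 3-year lifetime:", crl_size(5, 100, 5, 1095))
    print("CRL size, no expiry:", crl_size(5, 100, 5, None))
```

With a one-year lifetime the compromised certificate is accepted for one sampled year and then rejected on notAfter regardless of revocation; with no lifetime it stays accepted for all ten. The CRL simulation reaches a steady state of two batches' worth of entries once certificates outlive their three-year validity, whereas without expiry it grows by one batch every year, which is the "VeriSign still publishing data about 1995 certificates" situation in the post.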