Short lived certificate
Short lived certificate
Posted Aug 26, 2025 14:36 UTC (Tue) by ju3Ceemi (subscriber, #102464)In reply to: Short lived certificate by dskoll
Parent article: Linux's missing CRL infrastructure
This would kill all existing TCP connections in the process
Users would probably not be happy
Posted Aug 26, 2025 14:46 UTC (Tue)
by dskoll (subscriber, #1630)
[Link]
Yes, there is that disadvantage. So I guess it should be an option that you only enable if you want to shake out devices that have a dynamic address that should have a static address. It's probably not something you'd want on a public access WiFi network, for example.
Short lived certificate