top | item 43708785 (no title) fs111 | 10 months ago Load on the underlying infrastructure is a concern. The signing keys are all in HSMs and don't scale infinitely. discuss order hn newest bob1029|10 months ago How does cycling out certificates more frequently reduce the load on HSMs? timmytokyo|10 months ago It's all relative. A 47-day cycle increases the load, but a 48-hour cycle would increase it substantially more. woodruffw|10 months ago Much of the HSM load within a CA is OCSP signing, not subscriber cert issuance.
bob1029|10 months ago How does cycling out certificates more frequently reduce the load on HSMs? timmytokyo|10 months ago It's all relative. A 47-day cycle increases the load, but a 48-hour cycle would increase it substantially more. woodruffw|10 months ago Much of the HSM load within a CA is OCSP signing, not subscriber cert issuance.
timmytokyo|10 months ago It's all relative. A 47-day cycle increases the load, but a 48-hour cycle would increase it substantially more.
woodruffw|10 months ago Much of the HSM load within a CA is OCSP signing, not subscriber cert issuance.
bob1029|10 months ago
timmytokyo|10 months ago
woodruffw|10 months ago