top | item 46649367

(no title)

kevincox | 1 month ago

The short-lived requirement seems pretty reasonable for IP certs as IP addresses are often rented and may bounce between users quickly. For example if you buy a VM on a cloud provider, as soon as you release that VM or IP it may be given to another customer. Now you have a valid certificate for that IP.

6 days actually seems like a long time for this situation!

discuss

sgjohnson|1 month ago

Cloud providers could check the transparency lists, and if there’s a valid cert for the IP, quarantine it until the cert expires. Problem solved.

greyface-|1 month ago

That's leaving money on the table, unless they continue to charge the previous tenant for the duration of quarantine.