letsencrypt / boulder

An ACME-based certificate authority, written in Go.
Mozilla Public License 2.0

Deliver one-year certificates for HPKP/HSTS/DANE/TLSA compatibility #1882

Closed. HLFH closed this 8 years ago.

HLFH commented 8 years ago

Hi,

For HSTS preloading, we need 18 weeks (126 days), and at least 180 days to be considered A+ on SSL Labs. To be useful, the lifetime of a TLS certificate and the private key should be at least double the validity period of HPKP, so at least 120 days (2 x 60 days), so that the system admin engineers have the possibility to overcome a serious problem. The comfort zone is one year if we keep in mind the necessary time and required testing for the replacement of the private key. With DANE/TLSA and DNSSEC enabled, each renewal of the TLS certificate by letsencrypt requires that every Let's Encrypt user has the time to regularly modify (= every 90 days) their DNS zone to add the new TLSA DNS resource record. Domain-name renewals are, for the most part, made every year; it would be smarter to be synchronized with that.

It's better to deliver one-year certificates to empower users to use the whole TLS stack and not the bare minimum. If you have some really great research papers to keep the 90-day validity by default, you should at least offer the option to generate one-year certificates, because in the Let's Encrypt CA offering, it seems that we are advised to renew, more manually than automatically in fact, the TLS certificate and the private key every 90 days, and also to avoid additional configuration with HPKP, DANE/TLSA and HSTS. Let's Encrypt should be secure by default.

Thanks in advance, HLFH

Related to https://github.com/certbot/certbot/issues/2083

jsha commented 8 years ago

Thanks for the feedback. It's entirely possible to use HPKP with a large max-age in conjunction with 90-day certificates. You just issue each new certificate with the same key, for whatever key rotation period you are comfortable with. Regarding TLSA records, there are some details on the forum about how best to combine TLSA with Let's Encrypt certificates.
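The point jsha makes is that an HPKP pin and a DANE-EE "3 1 1" TLSA record both hash the certificate's SubjectPublicKeyInfo, not the certificate or its CA signature, so a 90-day renewal that reuses the key leaves both values unchanged. The following Go program is an added illustration of that, not code from Boulder, the thread or the forum it refers to: it issues two locally self-signed 90-day certificates (standing in for two Let's Encrypt issuances, with a placeholder name `example.test`), computes the pin and the TLSA RDATA from each, and reports whether they survive the renewal with the same key and with a rotated key. It also computes a backup pin directly from a not-yet-deployed public key, which is how the key-rotation period can be planned without a pinning outage. Function names such as `RenewalPinsStable` and `HPKPHeader` are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// NewKey generates a P-256 key; it stands in for the key certbot would keep across renewals.
func NewKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// issueCert builds a self-signed 90-day certificate for key (constructed locally; no CA
// involved). Neither the HPKP pin nor a "3 1 1" TLSA record depends on the issuer,
// only on the SubjectPublicKeyInfo, so a self-signed stand-in is enough here.
func issueCert(key *ecdsa.PrivateKey, notBefore time.Time) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(notBefore.Unix()),
		Subject:      pkix.Name{CommonName: "example.test"}, // placeholder name
		DNSNames:     []string{"example.test"},
		NotBefore:    notBefore,
		NotAfter:     notBefore.Add(90 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// SPKIPin returns the HPKP pin-sha256 value for a bare public key: base64(SHA-256(DER SPKI)).
// Taking a public key rather than a certificate lets a backup pin be published before
// that key is ever used in a certificate.
func SPKIPin(pub *ecdsa.PublicKey) (string, error) {
	spki, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return "", err
	}
	sum := sha256.Sum256(spki)
	return base64.StdEncoding.EncodeToString(sum[:]), nil
}

// CertPin is the same pin read from an issued certificate's SPKI.
func CertPin(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// TLSARecord returns the RDATA of a DANE-EE record (usage 3, selector 1 = SPKI,
// matching type 1 = SHA-256) for the certificate, as it would be published in DNS.
func TLSARecord(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return "3 1 1 " + hex.EncodeToString(sum[:])
}

// HPKPHeader assembles a Public-Key-Pins value carrying the current and backup pins.
func HPKPHeader(current, backup string, maxAge int) string {
	return fmt.Sprintf(`pin-sha256="%s"; pin-sha256="%s"; max-age=%d`, current, backup, maxAge)
}

// RenewalPinsStable issues two consecutive 90-day certificates and reports whether the
// HPKP pin and the TLSA record are unchanged. With sameKey=true the second certificate
// reuses the key (jsha's suggestion); with sameKey=false a fresh key is generated.
func RenewalPinsStable(sameKey bool) (bool, error) {
	key1, err := NewKey()
	if err != nil {
		return false, err
	}
	key2 := key1
	if !sameKey {
		if key2, err = NewKey(); err != nil {
			return false, err
		}
	}
	start := time.Now()
	first, err := issueCert(key1, start)
	if err != nil {
		return false, err
	}
	second, err := issueCert(key2, start.Add(60*24*time.Hour)) // renewed 30 days before expiry
	if err != nil {
		return false, err
	}
	return CertPin(first) == CertPin(second) && TLSARecord(first) == TLSARecord(second), nil
}

func main() {
	same, _ := RenewalPinsStable(true)
	rotated, _ := RenewalPinsStable(false)
	fmt.Println("same key keeps pin and TLSA record:", same, "| rotated key keeps them:", rotated)
}
```

The practical consequence for the thread's concern: the 90-day certificate lifetime and the key rotation period are independent. Pin the current key plus a backup key whose pin was computed with `SPKIPin` before deployment, keep `max-age` below the time you are willing to stay on a compromised key, and the TLSA record only needs a DNS change when the key itself is rotated, not at every certificate renewal.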