[mschuster91]

> Exchanging certificates once a year is... kinda ridiculous in almost every scenario except the one Google envisions when it dictates the Internet, yes.

The thing is, if you're doing it right it should not take longer than 5 minutes. It forces people to actually invest in good infrastructure practices rather than build brittle shit that collapses at the first blow. And most of the "enterprise" stuff you're talking squarely fits into that category.

As said I'm happy for anything that aims to prevent ossification, simply because how often I have heard the lines "why invest into something proper when a thrown-together hack lasts us just the same" or "why replace that old Cisco firewall box if it ain't broken yet".