[akerl_]

> Password rotation used to be considered a gold standard strategy for security, until people realized not only did it make everything harder, it also encouraged people to choose less secure passwords and was largely self-defeating.

Even if we ignore the fact that certificates are not a secret, and that expiry applies to certificates, not private keys, a major difference is that humans don’t mentally generate or manually type TLS keys or certificates. So the negative impact of rotation on user experience and behavior is entirely absent.

[ocdtrekkie]

I was drastically oversimplifying by calling certificates a password. But the point actually does definitely stand: In the long-lived certificate days, you'd keep your CAs and such offline, and generally speaking, highly secured. Now you have to give your automations everywhere everything they need to constantly generate keys that claim to be your site. People are pushed to make drastically less secure choices about how they generate certificates because it needs to happen so often. A lot like adding a 1 on your last password. ;)

Also, short lifetime certificates help deprogram concern about certificate warnings (most nontechnical users know to ignore them, as a network admin, I've never seen a certificate warning that was actually due to a compromise... so I also ignore them all), which leads to hypothetically much less safe behavior than if certificate warnings only happened when rational.

Which is to say, if you believe a certificate that expired yesterday should result in a scare screen to users or worse with HSTS, interfering with the ability to access it all, you failed security 101.