On 3/12/22 18:52, Howard Chu wrote:
Christopher Paul wrote:
But if you're swapping out the cert, you can optionally re-key at the same time, so I think we add to the list of TLS client best practice: re-key when you re-cert. Right? There are no great costs to re-keying, unless I am missing something.
Generating key pairs tends to be the most compute-intensive part of any of this, so usually sites try to do it only once per user. Though that may be more of a consideration for RSA and not as significant for ECC-based pubkey schemes.
It's not a big deal to re-key each time you issue a short-term cert. I'm doing this for SSH in EKCA all the time even with RSA-4096.
Generally using TLS client certs in a secure way is not well supported in most clients. Or does libldap today support asking for a client key passphrase?
Ciao, Michael.
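As an added illustration of the two points debated above (re-keying on every renewal, and the cost difference between RSA and EC key generation), here is a small shell script that is not part of the thread or of any OpenLDAP code. It assumes only the `openssl` command-line tool; the output directory, subject name and key file names are constructed placeholders. `rekey_and_csr` generates a brand-new private key together with each CSR, `key_fingerprint` lets you verify that a renewed cert really carries a new key, and `time_keygen` measures how long N key generations take so you can compare RSA-4096 with P-256 on your own hardware.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread: re-key on every cert renewal
# and measure key-generation cost. Requires the openssl CLI. All paths and the
# CSR subject are constructed placeholders.
set -eu

# rekey_and_csr ALGO OUTDIR
#   ALGO is one of: rsa2048 rsa4096 p256
#   Writes a fresh private key to OUTDIR/client.key (mode 0600) and a CSR for it
#   to OUTDIR/client.csr. Calling it again overwrites both with a NEW key, which
#   is the "re-key when you re-cert" practice from the thread.
rekey_and_csr() {
  algo=$1
  outdir=$2
  mkdir -p "$outdir"
  case "$algo" in
    rsa2048)
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$outdir/client.key" 2>/dev/null ;;
    rsa4096)
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 \
        -out "$outdir/client.key" 2>/dev/null ;;
    p256)
      openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
        -out "$outdir/client.key" 2>/dev/null ;;
    *)
      echo "rekey_and_csr: unknown algo '$algo'" >&2
      return 1 ;;
  esac
  chmod 600 "$outdir/client.key"
  # Placeholder subject; a real client would use its own DN.
  openssl req -new -key "$outdir/client.key" \
    -subj "/CN=example-ldap-client" -out "$outdir/client.csr" 2>/dev/null
}

# key_fingerprint KEYFILE
#   SHA-256 over the DER-encoded public key. Compare fingerprints across two
#   renewals: if they match, the "renewal" silently reused the old key.
key_fingerprint() {
  openssl pkey -in "$1" -pubout -outform DER 2>/dev/null \
    | openssl dgst -sha256 | awk '{print $NF}'
}

# csr_ok CSRFILE
#   Returns 0 if the CSR's self-signature verifies, i.e. it was really signed
#   by the private key that was just generated.
csr_ok() {
  openssl req -in "$1" -noout -verify >/dev/null 2>&1
}

# time_keygen ALGO N
#   Prints whole seconds spent generating N keys of ALGO, so the RSA vs EC
#   cost argument can be checked on the machine that will actually re-key.
time_keygen() {
  algo=$1
  n=$2
  tmp=$(mktemp -d)
  start=$(date +%s)
  i=0
  while [ "$i" -lt "$n" ]; do
    rekey_and_csr "$algo" "$tmp/k$i"
    i=$((i + 1))
  done
  end=$(date +%s)
  rm -rf "$tmp"
  echo $((end - start))
}

# Stand-alone demo when run directly (skipped when sourced by a test harness).
if [ "${0##*/}" = "rekey_demo.sh" ]; then
  d=$(mktemp -d)
  rekey_and_csr p256 "$d/first"
  first=$(key_fingerprint "$d/first/client.key")
  rekey_and_csr p256 "$d/second"
  second=$(key_fingerprint "$d/second/client.key")
  echo "first key:  $first"
  echo "second key: $second"
  echo "P-256 x5 took $(time_keygen p256 5)s, RSA-4096 x2 took $(time_keygen rsa4096 2)s"
  rm -rf "$d"
fi
```

Run it as `sh rekey_demo.sh` to see two distinct fingerprints for two consecutive renewals and a rough timing comparison; the P-256 loop normally finishes in well under a second, while RSA-4096 generation is where the cost Howard mentions shows up.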