I was under the impression that this wasn't a good idea, as periodic replacement of the keys was done incase of an undetected compromise?
Ross On 13/09/2011 06:53, "Yoav Nir" <[email protected]> wrote: >1. Sometimes certificates are renewed periodically with the same public >key. This is very common for sub-CAs and less so for EE certificates, but >unless it has been compromised, or NIST recommends that you double your >bit-length again, there's no reason not to use the same old public key >and the new certificate _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
