Well it should be as short as possible while still being practical. LE doesn’t have infinite server compute and if they make the validity too short people might stop using them (pretty evident judging from sentiment here) move to other CAs and make what they do pointless.
45 days are still plenty of time yet people are already complaining. Does make me worry.
fxdave@lemmy.ml 3 days ago
Let’s be extra safe. New cert per every request
RheumatoidArthritis@mander.xyz 3 days ago
Ephemeral diffie-hellman is exactly that, it’s part of TLS since I think 1.2