On 02/20/2017 01:32 AM, chaouche yacine wrote:
> What is the motivation behind using a new pair of keys and CSR?
Every now and then, a bug in the OpenSSL API is found that leaked the private key under certain conditions.
By replacing the private key once a year with a new one, you are at lower risk of having a private key that is exposed by such a bug even if the bug isn't published and only a few know about it.
Heartbleed was one such bug, DROWN was another.
Obviously, when a bug of that type is found and reported and your server was potentially vulnerable, you change right away - but when you use the same private key for a long time, you risk a scenario where the NSA knew about it, you stopped using the protocol or cipher before it became public, it becomes public several years later but you aren't worried because you haven't run that protocol or cipher suite in quite some time - yet the NSA already has your private key from years ago.
That's why I always generate a new private key once a year.
It just reduces exploitable exposure in the unlikely but possible scenario that the private key was compromised and I did not know it.
That's also why I only allow ciphers that use forward secrecy for connections from mail clients.
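
Added example, not part of the original message: a Python check that reads the output of `openssl ciphers -v` for a server's cipher string and lists every suite that lacks an ephemeral (forward-secret) key exchange, which are the suites where a private key leaked later would expose recorded sessions. The sample lines are constructed and the function names are hypothetical.

```python
# Constructed sample in the format printed by `openssl ciphers -v '<cipher string>'`.
SAMPLE = """\
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES128-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA1
"""

# OpenSSL suite names with these prefixes use an ephemeral (EC)DH exchange.
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def parse_line(line):
    """Split one `openssl ciphers -v` line into name, protocol and Kx field."""
    tokens = line.split()
    if len(tokens) < 3:
        return None  # blank or malformed line
    fields = dict(t.split("=", 1) for t in tokens[2:] if "=" in t)
    return {"name": tokens[0], "proto": tokens[1], "kx": fields.get("Kx", "")}


def lacks_forward_secrecy(suite):
    """Return a reason string if the suite is not forward secret, else None."""
    if suite["proto"] == "TLSv1.3":
        return None  # TLS 1.3 has no static RSA or static DH key exchange
    if suite["name"].startswith(EPHEMERAL_PREFIXES):
        return None
    if suite["kx"] == "RSA":
        return "RSA key transport: the server key decrypts recorded sessions"
    return "no ephemeral key exchange (Kx=%s)" % suite["kx"]


def audit(text):
    """List (suite name, reason) for every suite without forward secrecy."""
    findings = []
    for line in text.splitlines():
        suite = parse_line(line)
        if suite is None:
            continue
        reason = lacks_forward_secrecy(suite)
        if reason:
            findings.append((suite["name"], reason))
    return findings


if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: {reason}")
```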