A digital certificate uses a digital signature to bind a public key with an identity, to verify the name of a person or an organization. The longer a public/private key pair is in use, the greater the chances are that the keys can be compromised. For example, a Trojan horse could compromise the authentication store where the keys are located. To reduce this risk, the private key and public key set should be renewed whenever the certificate is renewed, rather than waiting until the keys reach their maximum lifetimes. When put into practice, certificates with stronger keys -- ones used less frequently and ones less open to potential attack -- could be issued with a two year expiration. Meanwhile, certificates with average key lengths and shorter lifetimes, like those of a Web server, should be renewed once a year.
If you act as your own certificate authority and use, for example, Windows Certificate Services to issue certificates to staff and servers, you will need to carefully plan the lifetime of your root certificate authority certificate. All certificates previously issued by a certificate authority expire when the root certificate of the certificate authority is renewed, regardless of whether or not the key pair is also re-approved. Therefore when a certificate authority certificate is renewed, all certificates that have been issued by that certificate authority must also be renewed. A certificate authority cannot issue certificates with a lifetime that extends beyond the validity period of its own root certificate. This rule is called nested validity or nested expiration. A certificate authority root certificate requires a longer lifetime than just one or two years. And, in fact, it's quite normal for a root certificate to have a lifetime of five years.. This increased lifetime does mean, however, that additional security measures must be taken to ensure the keys are not compromised. Locate servers and secure Web communications in locked data centers in order to minimize the risks of attacks. I would also recommend the use of hardware-based cryptography devices to store private keys. Private keys stored on tamper-resistant hardware are never revealed to the operating system or cached in memory since all cryptography takes place in the crypto-hardware rather than on the computer's hard disk drive.
This was first published in December 2006