The root problem is certificate lifetimes are too long relative to the speed at which domains change, and the speed at which the PKI needs to change.
The root problem is certificate lifetimes are too long relative to the speed at which domains change, and the speed at which the PKI needs to change.