Root Certificate Expiration
I'm setting up a CA in an environment that i control and will be issuing a limited number of certificates to certain devices. I thought i read somewhere that the root certificate shouldnt be set to expire in a very long time from now (like 30+ years), but cant seem to find it. What would be a good amount of time for the root certificate to be valid?
If i set it to something high (like above 30+), what are the security implications?
I read on verisign that they set their to expire every 5 to 10 years, because "as computer technology improves, older generations of encryption technology become vulnerable due to newer, more powerful computers."