> Are IP addresses more transient than a domain within a 45 day window? The static IPs you get when you rent a vps, they're not transient.

They can be as transient as you want. For example, on AWS, you can release an elastic IP any time you want.

So imagine I reserve an elastic IP, then get a 45 day cert for it, then release it immediately. I could repeat this a bunch of times, only renting the IP for a few minutes before releasing it.

I would then have a bunch of 45 day certificates for IP addresses I don't own anymore. Those IP addresses will be assigned to other users, and you could have a cert for someone else's IP.

Of course, there isn't a trivial way to exploit this, but it could still be an issue and defeats the purpose of an IP cert.