I personally do not see forcefully changing the 90 day limit as a useful tool. The reality is most certs out there for protecting web servers are 1-2 years and in some cases 3 years so to me sub 90 days is for the paranoid. However I support the option for those users who require it to specify a shorter lifespan. perhaps even specifying the drop dead date.
Unreliable certificate revocation is a different issue. No matter what your certificate lifetime is, if your private key is compromised it only takes minutes to effect an exploit. Unless you become aware your key has been compromised you cannot take action anyway so even a 1 week certificate leaves you wide open. If you are unaware your server is exploited (say a rootkit) then you can change your private key as often as you want, you are still hosed.
I use the very powerful and well written getssl bash script and it has the option to renew private keys every time or not depending on your use case. It also allows user to use a number of different verification methods so for internally accessible only web servers we run an external service (on a completely different machine) that allows for validation. getssl runs on a third machine not accessible externally pushing challenges via sftp to the verification server.