With services like AWS Cloudfront having a minimum cache lifetime of 1 hour (and ignoring the query string), and also to provide a failsafe way of invalidating the cache objects, I think it would make sense for the CDN module to allow for versioned assets.
I.e. Every time the application is released/tagged/deployed, the CDN module changes the links (for example using the SVN version number or release date), with mod_rewrite converting the links back to point at their original locations. E.g. foobar.com/1111/sites/all/assets/file.jpg > foobar.com/sites/all/assets/file.jpg