On Mon, May 04, 2015 at 06:01:07PM -0700, Paul Hoffman wrote:
> In Section 13, there is no justification for why TLSA records for HTTP
> servers should have a TTL an order of magnitude shorter than those for
> SMTP servers, and I can't think of one. Proposal: suggest all TLSA records
> have a TTL of an hour.

Without necessarily disagreeing, the rationale was:

* MTA to MTA SMTP is non-interactive store and forward, and
  moderately high latency (mail queueing until the problem is
  fixed) is tolerable, if sufficiently rare.

* HTTP servers provide generally interactive services, where
  users might be less forgiving of a 1 hour outage.

Perhaps the right answer is to not suggest any particular TTL, but
just note the issue, leaving the choice of TTL to the reader...

--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane