On May 4, 2015, at 10:38 PM, Viktor Dukhovni <[email protected]> wrote:
>
> On Mon, May 04, 2015 at 06:01:07PM -0700, Paul Hoffman wrote:
>
>> In Section 13, there is no justification for why TLSA records for HTTP
>> servers should have a TTL an order of magnitude shorter than those for
>> SMTP servers, and I can't think of one. Proposal: suggest all TLSA records
>> have a TTL of an hour.
>
> Without necessarily disagreeing, the rationale was:
>
>   * MTA to MTA SMTP is non-interactive store and forward, and
>     moderately high latency (mail queueing until the problem is
>     fixed) is tolerable, if sufficiently rare.
>
>   * HTTP servers provide generally interactive services, where
>     users might be less forgiving of a 1 hour outage.
>
> Perhaps the right answer is to not suggest any particular TTL, but
> just note the issue, leaving the choice of TTL to the reader...
That works for me as well, and is not onerous on the reader.

--Paul Hoffman
