22 Feb
2017
22 Feb
'17
11:50 p.m.
On Feb 22, 2017, at 5:17 PM, John Allen john@klam.ca wrote:
Is the any recommendation as to the TTL for TLSA records?
An hour or less. Depending on how time-sensitive your email is. Keep in mind the refresh time of secondary servers, setting the TTL much below that does not help much.
I would imagine fairly short as if the is a problem you want the old ones gone ASAP!
Yes, that's the basic motivation to keep it reasonably short.
--
Viktor.