From 895ec93c49854599cf832dcbf65e93db8e12adf4 Mon Sep 17 00:00:00 2001
From: Jeremy Rand <jeremyrand@airmail.cc>
Date: Wed, 25 Aug 2021 04:56:41 +0000
Subject: [PATCH] Set max-age for short-term AIA responses

Refs https://github.com/namecoin/encaya/issues/19
---
 server/server.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/server/server.go b/server/server.go
index 5e40ae5..b5d0cf2 100644
--- a/server/server.go
+++ b/server/server.go
@@ -15,6 +15,7 @@ import (
 	"math/big"
 	"net/http"
 	"path/filepath"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -523,6 +524,12 @@ func (s *Server) aiaHandler(w http.ResponseWriter, req *http.Request) {
 		return
 	}
 
+	// Set short-term caching duration of half the cert validity
+	maxAge := safetlsa.ValidityShortTerm() / 2
+	maxAgeSeconds := int(maxAge / time.Second)
+	maxAgeStr := strconv.Itoa(maxAgeSeconds)
+	w.Header().Set("Cache-Control", "max-age="+maxAgeStr)
+
 	for _, rr := range dnsResponse.Answer {
 		tlsa, ok := rr.(*dns.TLSA)
 		if !ok {