letsencrypt / boulder

An ACME-based certificate authority, written in Go.
Mozilla Public License 2.0

Allow different lifetimes for validated authorizations #5061

Open jsha opened 4 years ago

jsha commented 4 years ago

Right now, all validated authorizations stay in the "valid" state for 30 days, unless they are deactivated. We'd like to lower this for most users to something like 7 hours (in line with how long we treat a CAA check as valid). Some users probably depend on the 30-day lifetime for their workflows. To ease the transition, we should allow migration on a per-account basis. For instance, all new accounts might receive a flag that opts them into the shorter validation lifetime. We could then progressively apply this flag to older accounts that don't explicitly need the longer lifetime, and work with users who depend on the longer lifetime to migrate their workflows.

beautifulentropy commented 1 year ago

Update:

We began tracking order and authz age at creation and finalize time in #6841.

Currently, we're waiting for our SRE team to drop some old rows from order and authz2 before we run any live experiments that may result in rapid table growth.

beautifulentropy commented 1 year ago

Chatted with SRE; freeing up enough database space (by dropping old data) is on the engineering priority list now. They've acknowledged that it's definitely not on the horizon at the moment, so I'm going to drop this issue from my plate.