CAA RR are cached MUCH shorter than valide authz (8 hours instead of 30 days). In fact, the lack of maintaining this shorter cache time in certain situations has lead to a quite serious incident: 2020.02.29 CAA Rechecking Bug
5 Likes