If there are different ttl values for the same hostname the ttl of a generate NSEC3 records is based on the last record in the database.
This may lead to inconsistent responses over different servers.
The RFC's recommend the SOA minimum ttl since the generated NSECx record are used for negative caching
Attachment '' (pdns-3.1-nsec3-ttl.patch) https://gist.github.com/5466787
I believe this was fixed in r2709 or surrounding commits. Thank you for your work on this!