diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 910f842070..068f9c5ea7 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -166,7 +166,6 @@ static HT_HEAD(cdm_diff_ht, cdm_diff_t) cdm_diff_ht = HT_INITIALIZER();
  * Configuration for this module
  */
 static consdiff_cfg_t consdiff_cfg = {
-  /* .cache_max_age_hours = */ 24 * 90,
   // XXXX I'd like to make this number bigger, but it interferes with the
   // XXXX seccomp2 syscall filter, which tops out at BPF_MAXINS (4096)
   // XXXX rules.
@@ -456,6 +455,25 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after)
   return result;
 }
 
+/** Return the maximum age (in seconds) of consensuses that we should consider
+ * storing. The available space in the directory may impose additional limits
+ * on how much we store. */
+static int32_t
+get_max_age_to_cache(void)
+{
+  /* The parameter is in hours. */
+  const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192;
+  const int32_t MIN_MAX_AGE_TO_CACHE = 0;
+  const int32_t MAX_MAX_AGE_TO_CACHE = 8192;
+  const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff";
+
+  return 3600 * networkstatus_get_param(NULL,
+                                        MAX_AGE_TO_CACHE_NAME,
+                                        DEFAULT_MAX_AGE_TO_CACHE,
+                                        MIN_MAX_AGE_TO_CACHE,
+                                        MAX_MAX_AGE_TO_CACHE);
+}
+
 /**
  * Given a string containing a networkstatus consensus, and the results of
  * having parsed that consensus, add that consensus to the cache if it is not
@@ -476,7 +494,7 @@ consdiffmgr_add_consensus(const char *consensus,
   const consensus_flavor_t flavor = as_parsed->flavor;
   const time_t valid_after = as_parsed->valid_after;
 
-  if (valid_after < approx_time() - 3600 * consdiff_cfg.cache_max_age_hours) {
+  if (valid_after < approx_time() - get_max_age_to_cache()) {
     log_info(LD_DIRSERV, "We don't care about this consensus document; it's "
              "too old.");
     return -1;
@@ -643,8 +661,7 @@ consdiffmgr_cleanup(void)
   log_debug(LD_DIRSERV, "Looking for consdiffmgr entries to remove");
 
   // 1. Delete any consensus or diff or anything whose valid_after is too old.
-  const time_t valid_after_cutoff =
-    approx_time() - 3600 * consdiff_cfg.cache_max_age_hours;
+  const time_t valid_after_cutoff = approx_time() - get_max_age_to_cache();
 
   consensus_cache_find_all(objects, cdm_cache_get(),
                            NULL, NULL);
diff --git a/src/or/consdiffmgr.h b/src/or/consdiffmgr.h
index 0325a00bf5..fe4f9ee239 100644
--- a/src/or/consdiffmgr.h
+++ b/src/or/consdiffmgr.h
@@ -14,7 +14,6 @@ typedef enum consdiff_status_t {
 } consdiff_status_t;
 
 typedef struct consdiff_cfg_t {
-  int32_t cache_max_age_hours;
   int32_t cache_max_num;
 } consdiff_cfg_t;
 
diff --git a/src/or/directory.c b/src/or/directory.c
index d2ac42c3ff..a5121ebf6c 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -499,11 +499,23 @@ dir_consensus_request_set_additional_headers(directory_request_t *req,
    * period of 1 hour.
    */
   const int DEFAULT_IF_MODIFIED_SINCE_DELAY = 180;
+  const int32_t DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER = 72;
+  const int32_t MIN_TRY_DIFF_FOR_CONSENSUS_NEWER = 0;
+  const int32_t MAX_TRY_DIFF_FOR_CONSENSUS_NEWER = 8192;
+  const char TRY_DIFF_FOR_CONSENSUS_NEWER_NAME[] =
+    "try-diff-for-consensus-newer-than";
 
   int flav = FLAV_NS;
   if (resource)
     flav = networkstatus_parse_flavor_name(resource);
 
+  int32_t max_age_for_diff = 3600 *
+    networkstatus_get_param(NULL,
+                            TRY_DIFF_FOR_CONSENSUS_NEWER_NAME,
+                            DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER,
+                            MIN_TRY_DIFF_FOR_CONSENSUS_NEWER,
+                            MAX_TRY_DIFF_FOR_CONSENSUS_NEWER);
+
   if (flav != -1) {
     /* IF we have a parsed consensus of this type, we can do an
      * if-modified-time based on it. */
@@ -519,8 +531,10 @@ dir_consensus_request_set_additional_headers(directory_request_t *req,
         ims_delay = (v->fresh_until - v->valid_after)/2;
       }
       if_modified_since = v->valid_after + ims_delay;
-      memcpy(or_diff_from, v->digest_sha3_as_signed, DIGEST256_LEN);
-      or_diff_from_is_set = 1;
+      if (v->valid_after >= approx_time() - max_age_for_diff) {
+        memcpy(or_diff_from, v->digest_sha3_as_signed, DIGEST256_LEN);
+        or_diff_from_is_set = 1;
+      }
     }
   } else {
     /* Otherwise it might be a consensus we don't parse, but which we
@@ -530,8 +544,10 @@ dir_consensus_request_set_additional_headers(directory_request_t *req,
      * unparsed consensus, so we use the default. */
     if (cd) {
       if_modified_since = cd->published + DEFAULT_IF_MODIFIED_SINCE_DELAY;
-      memcpy(or_diff_from, cd->digest_sha3_as_signed, DIGEST256_LEN);
-      or_diff_from_is_set = 1;
+      if (cd->published >= approx_time() - max_age_for_diff) {
+        memcpy(or_diff_from, cd->digest_sha3_as_signed, DIGEST256_LEN);
+        or_diff_from_is_set = 1;
+      }
     }
   }
 
diff --git a/src/test/test_consdiffmgr.c b/src/test/test_consdiffmgr.c
index 2e5dd59292..746d17a038 100644
--- a/src/test/test_consdiffmgr.c
+++ b/src/test/test_consdiffmgr.c
@@ -28,7 +28,7 @@ consdiffmgr_test_setup(const struct testcase_t *arg)
   get_options_mutable()->DataDirectory = ddir_fname; // now owns the pointer.
   check_private_dir(ddir_fname, CPD_CREATE, NULL);
 
-  consdiff_cfg_t consdiff_cfg = { 7200, 300 };
+  consdiff_cfg_t consdiff_cfg = { 300 };
   consdiffmgr_configure(&consdiff_cfg);
   return (void *)1; // must return something non-null.
 }