That is a great question, so I digged into the arbitrary "one hour" that cert-manager uses. In trigger_controller.go
// the amount of time after the LastFailureTime of a Certificate
// before the request should be retried.
// In future this should be replaced with a more dynamic exponential
// back-off algorithm.
retryAfterLastFailure = time.Hour
itself does not give further indications except for the fact that one hour seemed to be a reasonable backoff duration.
As a cert-manager user, I would probably expect an exponential backoff instead of a fixed one. And I would probably expect the backoff upper limit to be something like one hour.