On Saturday, July 9, 2016, Niklas Keller <[email protected]> wrote: > 2016-07-09 18:57 GMT+02:00 Ron <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>>: > >> On Fri, Jul 08, 2016 at 04:02:36PM -0700, James Kasten wrote: >> > I agree that there are a large number of wasted nonce values which >> creates >> > a burden for the ACME server. This PR would certainly reduce the >> number of >> > unused nonces. >> > >> > It seems unfortunate that with this PR, the only guaranteed way to begin >> > the ACME process is by posting a failed registration request. >> >> Yes, I think if we are going to do this we'd want some trivial way to >> explicitly request a fresh nonce. >> >> In the code I have I always cache the most recently received nonce, and >> use that if it's available, but if I don't have one that hasn't already >> been used, I just fall back to doing a HEAD request on the directory URI >> to obtain one. >> >> It would be nice to have some similarly simple operation to replace that >> with. > > > Same implementation here for kelunik/acme-client. > > I'm fine with removing it as long as there's still an explicit endpoint to > obtain one, e.g. a HEAD to the directory or simply make the directory > always return one, as HEAD should be the same as GET without a body. >
This sounds like an OK solution to me. Coherent with the idea that the directory is the entry point for the whole thing. --Richard > > Regards, Niklas >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
