On Sat, Dec 05, 2015 at 07:10:43PM +0100, Niklas Keller wrote: > Hello, > what's the reason why "authorizations" and "certificates" are optional in > registration objects? They should both not be optional IMO, because they > can be used nicely to lower the load on the CA, because clients can reuse > prior authorizations and even download lost certificates easily. This > makes also revocation easier, because you can simply list all valid > certificates for a given account key. > Regards, Niklas
Indeed. My own client keeps a note of obtained authorizations and their expiration dates and certificate URLs. What might be nice is a function to find valid authorizations and certificates by hostname, so that clients can quickly look for objects satisfying their requirements. Servers are likely to index this sort of thing for rate limiting purposes anyway. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
