A couple thoughts: - Probably the "reset" field should be named something else, and should only be provided when a rate limit was actually hit. Let's Encrypt uses a sliding window (aka leaky bucket) for rate limits, so reset time is not well-defined for requests that didn't hit a limit.
- One of the goals of ACME is to be applicable to paid CAs. The rate limit concept may map rather cleanly onto a notion, in a paid CA, of a number of certificates already paid for on an account. Perhaps "Requests-Remaining" would be a more general name? On 03/21/2016 03:51 PM, J.C. Jones wrote: > On Mon, Mar 21, 2016 at 3:45 PM, Niklas Keller <[email protected] > <mailto:[email protected]>> wrote: > > Will it be possible to standardize all names? Other CAs may use > other rate > > limits. So should `RateLimit-Name` be a code or a human readable > message? > > My guess is that getting an exhaustive list of rate limits would be > difficult, and that implementing CAs may want to adjust these values > quickly outside IETF. > > It's probably good to leave flexibility it in, if we can. Further > thought: Instead of or in addition to a name, there could be a URI to > a description or help document. > > Cheers, > > - J.C. > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
