https://github.com/ietf-wg-acme/acme/pull/156
Previously the server was required to provide a nonce on all successful responses, including GETs. This makes certain nonce-storage techniques like an in-memory list impractical, because the size of the list would have to scale with GET requests rather than just authenticated POSTs. This change reduces the scope of requests where nonces are required. It also tweaks the example section for Replay-Nonce to not define the base64url character set.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
