(Playing devils advocate) Why not just remove the nonce system entirely? The main use of the nonce system is to protect against TLS termination at a CDN (or MITM middleboxes) which could, if malicious, replay requests. Why not instead just recommend local termination of TLS and that implementing clients should pin the relevant API TLS keys?
This would greatly simplify a number of things, including the rather annoying need to always start any API flow with a failed request/HEAD to a random endpoint. On 07/08/2016 01:55 PM, Jacob Hoffman-Andrews wrote: > https://github.com/ietf-wg-acme/acme/pull/156 > > Previously the server was required to provide a nonce on all successful > responses, including GETs. This makes certain nonce-storage techniques > like an > in-memory list impractical, because the size of the list would have to scale > with GET requests rather than just authenticated POSTs. > > This change reduces the scope of requests where nonces are required. > > It also tweaks the example section for Replay-Nonce to not define the > base64url > character set. > > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme > _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
