One other way that the nonce storage problem may be solved on the ACME server is by using "authenticated nonces". The server could devise a system that included a timestamp and MAC. The idea being that the server would only accept a nonce if its timestamp was within a window and the MAC was verified.
This switches the problem around. Instead of storing a list of valid nonces, now the server would be storing a list of used nonces. Eventually, the server would make a pass cleaning up its list of "expired" used nonces. I believe this achieves the same end-goal as the PR (only valid POST requests generate entries within the nonce table), while still allowing the server to return valid nonces on all requests.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
