On 07/08/2016 04:36 PM, Roland Shoemaker wrote:
> (Playing devil's advocate) Why not just remove the nonce system entirely?
>
> The main use of the nonce system is to protect against TLS termination
> at a CDN (or MITM middleboxes) which could, if malicious, replay
> requests. Why not instead just recommend local termination of TLS and
> that implementing clients should pin the relevant API TLS keys?

I agree that this would be the best solution. Right now Let's Encrypt relies on CDN termination for DDoS resistance and faster mitigation of some front-end vulnerabilities.

I'd be interested to hear from other CAs (currently I think only SSLMate is participating on list): Do you have a CDN in front of your API or not?
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
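For readers following the thread, the replay protection the nonce system provides can be illustrated with a minimal single-use nonce store. This is an added example written for this page; it is not code from the ACME list, from Boulder, or from any CA's API. The class name, the 300-second lifetime and the scenario function are assumptions chosen for illustration; the point it demonstrates is that a party sitting at the TLS termination point can resubmit a captured signed request, but the server rejects the resubmission because the nonce it carries has already been consumed.

```python
import secrets
import threading
import time


class NonceReplayGuard:
    """Single-use nonce store in the spirit of ACME's Replay-Nonce header.

    Added illustration, not Let's Encrypt / Boulder code.  The server issues
    a fresh random nonce with each response; a signed request is accepted
    only if it carries a nonce the server issued, that has not expired, and
    that has not been consumed before.  An intermediary terminating TLS that
    recorded a request cannot replay it, because the first delivery consumed
    the nonce.
    """

    def __init__(self, ttl_seconds=300):
        # nonce -> expiry timestamp (monotonic clock); assumed 5-minute lifetime
        self._issued = {}
        self._lock = threading.Lock()
        self._ttl = ttl_seconds

    def issue(self, now=None):
        """Mint a fresh, unpredictable nonce and remember it until it expires."""
        now = time.monotonic() if now is None else now
        nonce = secrets.token_urlsafe(16)
        with self._lock:
            self._issued[nonce] = now + self._ttl
        return nonce

    def consume(self, nonce, now=None):
        """Return True exactly once per issued, unexpired nonce.

        pop() makes check-and-remove a single step under the lock, so two
        concurrent deliveries of the same request cannot both succeed.
        """
        now = time.monotonic() if now is None else now
        with self._lock:
            expiry = self._issued.pop(nonce, None)
        if expiry is None:
            return False   # never issued, or already used: treat as replay
        if now > expiry:
            return False   # stale nonce; client must fetch a new one
        return True

    def purge_expired(self, now=None):
        """Drop expired entries so the store does not grow without bound."""
        now = time.monotonic() if now is None else now
        with self._lock:
            stale = [n for n, exp in self._issued.items() if now > exp]
            for n in stale:
                del self._issued[n]
        return len(stale)


def simulate_replay(guard):
    """Constructed scenario: the client submits a signed request once, then
    an intermediary resubmits the identical request.  Returns (first, replay)."""
    nonce = guard.issue(now=0.0)
    first = guard.consume(nonce, now=1.0)    # genuine delivery: accepted
    replay = guard.consume(nonce, now=2.0)   # resubmission: rejected
    return first, replay


if __name__ == "__main__":
    g = NonceReplayGuard()
    print("first delivery, replay:", simulate_replay(g))  # (True, False)
```

The store is keyed on the nonce value alone; in a real CA the nonce would be bound to the JWS it arrives in and the request would be rejected before any signature checking if the nonce fails. The `purge_expired` sweep is the housekeeping a long-running server needs, since an issued-but-never-used nonce would otherwise stay in memory forever.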
