On 08/07/2016 06:55 PM, Richard Barnes wrote:
> Could you comment a little more specifically on what issues this has
> caused you?
We turned on caching at our CDN, which led to some clients getting
nonces that had already been used by other clients. A lot of clients
didn't implement retries on
On Sat, Aug 6, 2016 at 2:55 PM, Jacob Hoffman-Andrews wrote:
> At IETF 96 it was proposed to drop this issue:
> https://www.ietf.org/proceedings/96/minutes/minutes-96-acme.
>
> The rationale from the notes is that nonces are not a scarce resource.
> However, cachability and
On 7 August 2016 at 04:55, Jacob Hoffman-Andrews wrote:
> The rationale from the notes is that nonces are not a scarce resource.
> However, cachability and idempotence of GETs were not addressed. I think
> it's worth not requiring nonces on GETs purely for those reasons. In
>