* I actually have the opposite inclination to you here -- if a field is not used by the protocol, then it should be forbidden, in the spirit of [1]. By that logic, we should also forbid the use of the "nonce" field in roll-over. I think it was just an oversight that we didn't. The security analysis that Bhargavan et al. did long ago did not presume any use of it. I've made a PR making it a MUST NOT:
* https://github.com/ietf-wg-acme/acme/pull/464
* [1] https://tools.ietf.org/html/draft-iab-protocol-maintenance-00

If anyone in the WG has objections to this, please speak up now.
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
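A server-side check for the MUST NOT proposed in this thread, as an added example that is not part of the original message or of the ACME draft: it rejects a roll-over inner JWS whose protected header contains "nonce". The flattened JWS JSON layout with a base64url "protected" member follows RFC 7515; the function names, error class, URL and sample values are assumptions constructed for illustration.

```python
import base64
import json


class InnerJWSError(ValueError):
    """Raised when a roll-over inner JWS fails the header check."""


def b64url_decode(data: str) -> bytes:
    # JWS uses unpadded base64url; restore the padding before decoding.
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def check_inner_protected_header(inner_jws: dict) -> dict:
    """Return the parsed protected header, or raise if it contains "nonce".

    Assumption: signature verification and the other roll-over checks
    happen elsewhere; this covers only the forbidden-field rule.
    """
    try:
        header = json.loads(b64url_decode(inner_jws["protected"]))
    except (KeyError, TypeError, ValueError) as exc:
        raise InnerJWSError("inner JWS has no parseable protected header") from exc
    if not isinstance(header, dict):
        raise InnerJWSError("protected header is not a JSON object")
    # Test for presence, not truthiness: "nonce": "" or null is still the field.
    if "nonce" in header:
        raise InnerJWSError('inner JWS protected header MUST NOT contain "nonce"')
    return header


def make_inner(header: dict) -> dict:
    # Builds a constructed, unsigned inner JWS for the samples below.
    protected = b64url_encode(json.dumps(header).encode("utf-8"))
    return {"protected": protected, "payload": "", "signature": ""}


# Constructed sample inputs (hypothetical URL and nonce values).
BASE = {"alg": "ES256", "url": "https://ca.example/acme/key-change"}
GOOD = make_inner(BASE)
BAD = make_inner({**BASE, "nonce": "constructed-nonce-value"})
EMPTY_NONCE = make_inner({**BASE, "nonce": ""})

if __name__ == "__main__":
    for name, jws in (("GOOD", GOOD), ("BAD", BAD), ("EMPTY_NONCE", EMPTY_NONCE)):
        try:
            check_inner_protected_header(jws)
            print(name, "accepted")
        except InnerJWSError as err:
            print(name, "rejected:", err)
```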