Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rate limit deactivating pending authzs #7835

Merged
merged 2 commits into from
Nov 22, 2024
Merged

Conversation

aarongable
Copy link
Contributor

When a client deactivates a pending authorization, count that towards their FailedAuthorizationsPerDomainPerAccount and FailedAuthorizationsForPausingPerDomainPerAccount rate limits. This should help curb the few clients which constantly create new orders and authzs, deactivate those pending authzs preventing reuse of them or their orders, and then rinse and repeat.

Fixes #7834

@aarongable aarongable requested a review from a team as a code owner November 21, 2024 00:47
@aarongable aarongable requested a review from jprenken November 21, 2024 00:47
jprenken
jprenken previously approved these changes Nov 21, 2024
@jprenken jprenken requested review from a team and jsha and removed request for a team November 21, 2024 02:36
ra/ra.go Outdated Show resolved Hide resolved
ra/ra.go Outdated Show resolved Hide resolved
ra/ra_test.go Show resolved Hide resolved
@beautifulentropy beautifulentropy self-requested a review November 21, 2024 20:53
ra/ra.go Outdated Show resolved Hide resolved
@aarongable aarongable merged commit 7791262 into main Nov 22, 2024
12 checks passed
@aarongable aarongable deleted the limit-pending-deactivation branch November 22, 2024 01:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Have deactivating a pending authz count toward failed validation limits
4 participants