Ambiguous rate limit documentation

On this page:

It says:

Overrides

If you’ve hit a rate limit, we don’t have a way to temporarily reset it. You’ll need to wait until the rate limit expires after a week.

Why do rate limits take 1 whole week to reset? Asking, because we have a user claiming that after doing 300 orders in 3 hours, they are blocked for 1 week, which sounds wrong to me.

The next sentence suggests a limit of 50 in a week:

We use a sliding window, so if you issued 25 certificates on Monday and 25 more certificates on Friday, you’ll be able to issue again starting Monday.

So now I wonder if that first sentence is only about the "50 registered domains per week" rate limit.

If so, I think some text should be moved around or reworded. If not, I'm curious why a whole server needs to be blocked for a whole week after exceeding a rate limit in less than 3 hours. (This customer has thousands of domain names. Not same-registered-domain. Thousands of different registered domains.)

May I suggest this page be reorganized so that each rate limit has its own section, and then a separate section describing how rate limits work overall (sliding window, etc)?

3 Likes

I've hit that ratelimit in the past. The block only lasts 3 hours. The issue is in wording. I don't think anyone noticed it before, because 99.9% of ratelimit issues are the weekly limits.

5 Likes

The "Overrides" paragraph uses the rate limit(s) which are hit the most: the max. certificates per domain per week and max. duplicate certificates per week. I agree it's rather strange to mention "after a week" when there are other rate limits with different time windows, such as the 3 hour window for the max orders rate limit. I can suggest an improvement to the site on their Github repository or you can do it yourself too: https://github.com/letsencrypt/website

They use that as an example indeed.

I agree, the rate limit page can be made much clearer. Personally, I would prefer a clear, easy to view and understand table instead of only using words like it is now.

8 Likes

@griffin had worked quite a bit on reorganizing and clarifying the rate limits page some time ago; I had thought it was a great idea and I'm not sure why the effort seems to have stalled out.

6 Likes

I certainly did, @petercooperjr. :slightly_smiling_face: I even created a table with the rate limits (as I also did with the root and intermediate certificates on the chain page). For the rate limits, I kept asking various staff to have the PR reviewed and got nowhere. For the chain page, I ran into "we can't change that" for a lot of the paragraphs and a desperate need to update the table formatter for the tables I created to look right. The tables in the community have the GitHub formatting while the tables on the static website under Hugo have some (really ugly) basic formatting buried in a mess of SCSS.

4 Likes

Probably better to change the pages one update at a time. Too much change will probably scare away the reviewers :wink:

Also, I sometimes find the reviewers of /letsencrypt/website/ to just ignore certain improvements. Once I made an improvement of the chain of trust chart in a SVG format.. That PR lingered many weeks or even months. In the end, someone (I won't mention the person specifically) just updated the chart on their own accord, not bothering to check if there were any PRs on the subject.. I just closed the PR as why would I bother to improve the site?

I think Let's Encrypt as wel as the Certbot team has many possibilities for improvements on how to interact with their community on Github. I can also remember something about a T-shirttoken of gratitude? :stuck_out_tongue: Cough @jple cough cough. [/not so subtle]

6 Likes

I just want to put out there that we really do appreciate these contributions! I’ve also been frustrated at how little time we’ve had to improve docs, and I think our (excellent) comms team has been working on making that better.

8 Likes

I think I had the same day dream LOL

4 Likes

Your team is great, James. :slight_smile: (Pass along my regards if you would!)

6 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.