Two questions regarding "directory object" and "orders lists"

I'm reading the ACME RFC, I see some weird things. bear in mind I'm not a professional, just an inexperienced student. I'm also NOT looking for help, I'm just curious.

section 7.1.1. Directory

is there some real life use case where customization of "URLs for each ACME operation" is needed? I mean, this RFC is already reserving fields/items such as "newNonce", "newAccount", "termsOfService" etc., so why not make them mandatory hardcoded URLs and not have the "directory object" altogether?

section 7.1.2.1 Orders list

why is this a linked list? why not make it mandatory to send a complete list every time? is there some real life use case a server would return an incomplete list? why? something DoS, something rate limits?

thanks in advance. I will proceed reading the spec.

Using a Link header is optional. I'm guessing it's for ACME clients that are handling large amounts of orders for some reason where it would perhaps take too much effort to handle it at once.

Note that Let's Encrypt does not even use this orders field in the account object.

With regard to the directory object: I guess it's just to have the specs flexible. Of course one can hardcode the URIs, but then someone would eventually complain about this hardcoding and request more flexibility.

For example, ssl.com uses this flexibility. Their directory at https://acme.ssl.com/sslcom-dv-ecc shows:

{
  "newNonce": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newNonce",
  "newAccount": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newAccount",
  "newOrder": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newOrder",
  "revokeCert": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/revokeCert",
  "keyChange": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/keyChange",
  "meta": {
    "termsOfService": "https://legal.ssl.com/documents/SSLcom-Subscriber-Agreement-v1.4.pdf",
    "website": "https://www.ssl.com",
    "caaIdentities": [
      "ssl.com"
    ],
    "externalAccountRequired": false
  }
}

Notice the different paths used between those values and the directory. You'd need to ask SSL.com for why they're doing that :wink:

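An added example, not part of either post above and not any CA's or client's own code: a client-side sketch of the two mechanisms discussed in this thread, looking operation URLs up in the directory object and following `Link: ...;rel="next"` headers across a paginated orders list. The `example.com` orders pages, the `fetch` callable and the `max_pages` cap are assumptions for illustration; a real client would fetch each page with an authenticated POST-as-GET request.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample data: a directory shaped like the one quoted above, plus a
# hypothetical two-page orders list on example.com (not a real CA endpoint).
DIRECTORY = json.loads("""{
  "newNonce": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newNonce",
  "newAccount": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newAccount",
  "newOrder": "https://acme.ssl.com/ejbca/acme/sslcom-dv-ecc/newOrder",
  "meta": {"externalAccountRequired": false}
}""")
PAGES = {
    "https://example.com/acme/orders/1": (
        {"Link": '<https://example.com/acme/directory>;rel="index", '
                 '<https://example.com/acme/orders/1?cursor=2>;rel="next"'},
        {"orders": ["https://example.com/acme/order/a",
                    "https://example.com/acme/order/b"]}),
    "https://example.com/acme/orders/1?cursor=2": (
        {"Link": '<https://example.com/acme/directory>;rel="index"'},
        {"orders": ["https://example.com/acme/order/c"]}),
}

def endpoint(directory, name):
    """Look an operation URL up in the directory instead of hardcoding a path."""
    url = directory.get(name)
    if not isinstance(url, str) or urlsplit(url).scheme != "https":
        raise ValueError(f"directory has no usable https URL for {name!r}")
    return url

def next_link(headers):
    """Return the rel="next" target from a Link header, or None on the last page."""
    m = re.search(r'<([^>]+)>\s*;\s*rel="?next"?', headers.get("Link", ""))
    return m.group(1) if m else None

def all_orders(first_url, fetch, max_pages=100):
    """Follow rel="next" links; cap pages and reject loops from a bad server."""
    orders, url, seen = [], first_url, set()
    while url is not None:
        if url in seen or len(seen) >= max_pages:
            raise RuntimeError("orders list pagination loops or is too long")
        seen.add(url)
        headers, body = fetch(url)
        orders.extend(body["orders"])
        url = next_link(headers)
    return orders

if __name__ == "__main__":
    print(endpoint(DIRECTORY, "newOrder"))
    print(all_orders("https://example.com/acme/orders/1", PAGES.__getitem__))
```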