Proposal Details
When using WaitAuthorization is not practical due to its blocking, for example in Kubernetes controllers, the GetAuthorization method can be used. By adding a RetryAfter field to the Authorization object returned by GetAuthorization these implementations can use their own polling mechanism while still respecting the value sent back by the ACME server.
The WaitAuthorization method will never need set this new field, since it does not return while the challenges are still pending.
Comment From: gopherbot
Change https://go.dev/cl/685475 mentions this issue: crypto/acme: add RetryAfter field to the Authorization object returned by GetAuthorization
Comment From: sigmavirus24
Relevant bit of RFC8555:
In responding to poll requests
while the validation is still in progress, the server MUST return a
200 (OK) response and MAY include a Retry-After header field to
suggest a polling interval to the client.