
"How It Works" talks about signing nonces: unclear?

Open osirisinferi opened this issue 8 years ago • 1 comment

The How It Works page mentions the signing of nonces:

"Along with the challenges, the Let's Encrypt CA also provides a nonce that the agent must sign with its private key pair to prove that it controls the key pair."

and

"The agent also signs the provided nonce with its private key."

Today, somebody with an interest in the ACME protocol read the How It Works page and didn't understand this signing of the nonce. It was unclear whether this "nonce" was some kind of temporary certificate used as proof of control of the private key, or something else.

So I tried to figure out the role of this "nonce" in the current ACME specs. Besides the obvious replay-protection nonce, I did not come across another use of something called a "nonce" which could be directly signed by the private key (where I assume the private key is the one belonging to the certificate's public/private key pair).

This issue therefore has either of the following purposes:

  • To suggest editing the part of the nonce, so it becomes more clear to the readers what it is and does;
  • To remove the part about the nonce altogether if it is a remnant of an old ACME draft currently not used any more*.

*: The first draft does mention the signing of a nonce directly for "Proof of possession of a prior key", but not for regular challenges.

osirisinferi avatar May 27 '17 21:05 osirisinferi
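As an added illustration for readers of this issue (not part of the thread, the Let's Encrypt website, or any Let's Encrypt code), the Go program below shows what "signing the nonce" amounts to in ACME as published (RFC 8555 §6.2): the client puts the server-issued Replay-Nonce into the JWS protected header and signs header and payload together with its account key; the server verifies that signature, then consumes the nonce so the identical request is rejected if replayed. The account URL `https://ca.example/acct/1`, the `new-order` URL, the nonce format and the order payload are made up for the example; only ES256 is implemented.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
)

var b64 = base64.RawURLEncoding // JWS uses base64url without padding (RFC 7515 §2)

// Sign builds an ACME request in the flattened JWS serialization (RFC 8555 §6.2): the
// nonce goes into the protected header and "protected.payload" is signed with ES256
// (ECDSA P-256 over SHA-256, raw 64-byte R||S per RFC 7518 §3.4, not ASN.1 DER).
func Sign(key *ecdsa.PrivateKey, kid, nonce, url string, payload []byte) (map[string]string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "ES256", "kid": kid, "nonce": nonce, "url": url})
	protected, payloadB64 := b64.EncodeToString(hdr), b64.EncodeToString(payload)
	digest := sha256.Sum256([]byte(protected + "." + payloadB64))
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return nil, err
	}
	sig := make([]byte, 64)
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return map[string]string{"protected": protected, "payload": payloadB64, "signature": b64.EncodeToString(sig)}, nil
}

// Server is a toy CA front end: account keys by kid, plus issued but unused nonces.
type Server struct {
	accounts map[string]*ecdsa.PublicKey
	nonces   map[string]bool
}

// NewNonce issues a fresh single-use nonce (what ACME returns in the Replay-Nonce header).
func (s *Server) NewNonce() string {
	buf := make([]byte, 16)
	rand.Read(buf)
	n := b64.EncodeToString(buf)
	s.nonces[n] = true
	return n
}

// Verify checks the signature with the account key named by kid, then consumes the nonce.
func (s *Server) Verify(req map[string]string) ([]byte, error) {
	var hdr map[string]string
	if raw, err := b64.DecodeString(req["protected"]); err != nil || json.Unmarshal(raw, &hdr) != nil || hdr["alg"] != "ES256" {
		return nil, errors.New("malformed")
	}
	pub, ok := s.accounts[hdr["kid"]]
	if !ok {
		return nil, errors.New("accountDoesNotExist")
	}
	sig, _ := b64.DecodeString(req["signature"])
	digest := sha256.Sum256([]byte(req["protected"] + "." + req["payload"]))
	if len(sig) != 64 || !ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return nil, errors.New("badSignature")
	}
	if !s.nonces[hdr["nonce"]] {
		return nil, errors.New("badNonce")
	}
	delete(s.nonces, hdr["nonce"])
	return b64.DecodeString(req["payload"])
}

// Demo signs one request, replays it, and submits a tampered copy; returns the verdict on each.
func Demo() (map[string]string, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	kid := "https://ca.example/acct/1" // assumed account URL, not a real CA
	srv := &Server{accounts: map[string]*ecdsa.PublicKey{kid: &key.PublicKey}, nonces: map[string]bool{}}
	verdict := func(req map[string]string) string {
		if _, err := srv.Verify(req); err != nil {
			return err.Error()
		}
		return "ok"
	}
	// Constructed payload; the identifier is a placeholder.
	order := []byte(`{"identifiers":[{"type":"dns","value":"example.com"}]}`)
	req, err := Sign(key, kid, srv.NewNonce(), "https://ca.example/new-order", order)
	if err != nil {
		return nil, err
	}
	tampered := map[string]string{"protected": req["protected"], "signature": req["signature"]}
	tampered["payload"] = b64.EncodeToString([]byte(`{"identifiers":[{"type":"dns","value":"attacker.example"}]}`))
	out := map[string]string{"first": verdict(req)}
	out["replay"] = verdict(req) // identical JWS: signature still valid, nonce already consumed
	out["tampered"] = verdict(tampered)
	return out, nil
}

func main() {
	fmt.Println(Demo())
}
```

The point the example makes against the quoted wording: nothing is "signed with the key pair" on its own. The nonce is one field of the protected header, and the signature over header plus payload, made with the account key (not the certificate key), is what ties the request to the account; the nonce's job is only to make that signed request unrepeatable.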

I think @jsha should probably just rewrite this page.

bdaehlie avatar Feb 10 '20 21:02 bdaehlie