Adds a note about denied CertificateRequests

Signed-off-by: irbekrm <irbekrm@gmail.com>
2022-01-26 16:48:34 +00:00 · 2022-01-26 16:48:34 +00:00 · ae37a6ecbb
commit ae37a6ecbb
parent 476a22b674
1 changed files with 2 additions and 0 deletions
--- a/design/20220118.certificate-issuance-exponential-backoff.md
+++ b/design/20220118.certificate-issuance-exponential-backoff.md
@ -211,6 +211,8 @@ To ensure that `Certificate`s whose issuance is currently failing don't get rene

 - In case of exponential backoff being applied, controller logs will be sufficient for users trying to debug this and understand when the next issuance will be attempted

+- Applying exponential backoff in cases where issuance fails due to a denied `CertificateRequest` should not be treated differently to other failures (so exponential backoff should be applied). Currently they are treated the same and retried after 1 hour, so this is consistent with the existing behaviour
+
 ## Feature Gate

 The current assumption is that exponential backoff would _not_ be placed behind a feature gate, however this should be considered.