What’s the best practice for caching public keys?
If you fetch the key every time you need it you won’t be able validate deletes to an actor, plus the cost of fetching the actor for every message. If you use the cached version you risk accepting messages signed with an old key, and rejecting messages signed with a new key.
Do we need something like: attempt to validation with cached key, and check for a newer version if that fails. Periodically check for updated keys and/or check for an updated key if the cached version is too old?
Are there any good documents on this?