@obenland I didn't realize that either, and it makes FEP-844e less attractive. However, capability discovery might still be preferable to double-knocking because RFC-9421 is not the last upgrade. Some applications are already starting to use EdDSA signatures, and that requires triple knocking. In the future we will need to switch to post-quantum cryptography and so on. The number of knocks always increases, but capability discovery requires a constant number of requests.