diff --git a/letsencrypt/acme/challenges.py b/letsencrypt/acme/challenges.py
index 0425ba2a9..9c0f263c7 100644
--- a/letsencrypt/acme/challenges.py
+++ b/letsencrypt/acme/challenges.py
@@ -88,6 +88,9 @@ class DVSNI(DVChallenge):
 NONCE_SIZE = 16
 """Required size of the :attr:`nonce` in bytes."""
+ PORT = 443
+ """Port to perform DVSNI challenge."""
+
 r = jose.Field("r", encoder=jose.b64encode, # pylint: disable=invalid-name
 decoder=functools.partial(jose.decode_b64jose, size=R_SIZE))
 nonce = jose.Field("nonce", encoder=binascii.hexlify,
diff --git a/letsencrypt/client/constants.py b/letsencrypt/client/constants.py
index 239db7373..d7cf1bae9 100644
--- a/letsencrypt/client/constants.py
+++ b/letsencrypt/client/constants.py
@@ -4,14 +4,6 @@ import pkg_resources
 from letsencrypt.acme import challenges
-S_SIZE = 32
-"""Size (in bytes) of secret base64-encoded octet string "s" used in
-challenges."""
-
-NONCE_SIZE = 16
-"""Size of nonce used in JWS objects (in bytes)."""
-
-
 EXCLUSIVE_CHALLENGES = frozenset([frozenset([
 challenges.DVSNI, challenges.SimpleHTTPS])])
 """Mutually exclusive challenges."""
@@ -46,10 +38,6 @@ NGINX_MOD_SSL_CONF = pkg_resources.resource_filename(
 distribution."""
-DVSNI_CHALLENGE_PORT = 443
-"""Port to perform DVSNI challenge."""
-
-
 CONFIG_DIRS_MODE = 0o755
 """Directory mode for ``.IConfig.config_dir`` et al."""
diff --git a/letsencrypt/client/plugins/standalone/authenticator.py b/letsencrypt/client/plugins/standalone/authenticator.py
index e0b06aa30..3912033e8 100644
--- a/letsencrypt/client/plugins/standalone/authenticator.py
+++ b/letsencrypt/client/plugins/standalone/authenticator.py
@@ -15,7 +15,6 @@ import zope.interface
 from letsencrypt.acme import challenges
 from letsencrypt.client import achallenges
-from letsencrypt.client import constants
 from letsencrypt.client import interfaces
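Review bot: In letsencrypt/acme/challenges.py, the docstring on the new `PORT = 443` does not say whose port this is, while the standalone authenticator hunks in this diff both probe and bind it locally (`already_listening(challenges.DVSNI.PORT)`, `start_listener(challenges.DVSNI.PORT, key)`). A more specific docstring would help, for example `"""TCP port on which the DVSNI challenge is answered; the client must be able to listen here."""`. Because the value is a plain class attribute on a protocol message class, it is presumably meant to be fixed rather than configured; if so, saying that in the docstring would discourage callers from reassigning it. The body of `DVSNI` starts and continues outside the hunk.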
@@ -362,7 +361,7 @@ class StandaloneAuthenticator(object):
 results_if_failure.append(False)
 if not self.tasks:
 raise ValueError("nothing for .perform() to do")
- if self.already_listening(constants.DVSNI_CHALLENGE_PORT):
+ if self.already_listening(challenges.DVSNI.PORT):
 # If we know a process is already listening on this port,
 # tell the user, and don't even attempt to bind it. (This
 # test is Linux-specific and won't indicate that the port
@@ -370,7 +369,7 @@ class StandaloneAuthenticator(object):
 return results_if_failure
 # Try to do the authentication; note that this creates
 # the listener subprocess via os.fork()
- if self.start_listener(constants.DVSNI_CHALLENGE_PORT, key):
+ if self.start_listener(challenges.DVSNI.PORT, key):
 return results_if_success
 else:
 # TODO: This should probably raise a DVAuthError exception