Without vetkeys any canister call or http outcall is public information on the IC. When an http outcall is made, the http request is sent with a system api call to multiple IC nodes (unencrypted publicly) which then in turn make the actual https outcall, afterwards the responses are compared and returned to the canister (unencrypted publicly).
This is why storing, using and sending secrets with http outcalls is insecure. Even if the http request and response don’t need to be a secret, you’d want the manner of verifying if the incoming request is from a trusted canister to be secure, not a token that becomes public information on the IC the moment you sent it in the request.
So two additional challenges I see besides proxying requests with idempotency: