I'm not going to comment on the conversion of ACME into a REST-based design, I just find it amusing/interesting/odd that I in my [sort of] "ACME for mobile devices", SKS/KeyGen2, came up with essentially the diametrically opposed solution like:
- HTTP POST to the same URL using HTTP 200 as the sole response code - Uniquely identifiable JSON message classes - Clear-text JSON signatures - Key attestations rather than PKCS #10/PoP Message classes are registered and then automatically instantiated in one place and after that dispatched to the appropriate handler which also provides the return object. This is like an extremely scaled-down version of the thing that made people turn to REST, the bloated and ugly beast known as WS-*. Anders _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
