Hi, In the authorization object, "challenges" is a list of challenge objects. Is it valid to include multiple challenges of the same type in an authorization? (e.g. multiple "oob-01" challenges)
If this is not valid or if it is a nonsense, it would be better to
to devolve "challenges" to a map ("object" in JSON parlance) of
objects, keyed by challenge type, rather than a list of objects?
Whether or not multiple challenges with same type within a single
authorization is valid, the spec should be updated to clarify this.
Thanks,
Fraser
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
