Currently we have this text: > The elements of the "authorizations" array are immutable once set. If any change is made to the array after the object is created, the client MUST consider the application invalid.
What's the purpose of this clause? I'd like to strike it if possible. Rationale: The most straightforward way to render a pending order object is going to be by querying a database for the most recent authorizations applicable to the names in the CSR (preferring valid authzs), and generating links to those authorizations. In general this should provide a stable list of URLs, but may produce changes in some edge cases- for instance, if one authz expires and a newer order is created with an overlapping identifier. Is there a benefit to having the client consider the application invalid in such a case? _______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
