> scope (optional, string): > : If this field is present, then it MUST contain a URI for an order resource, > such that this authorization is only valid for that resource.
> If this field is absent, then the CA MUST consider this authorization valid > for all orders until the authorization expires. > This process may be repeated to associate multiple identifiers to a key pair > (e.g., to request certificates with multiple identifiers), or to associate > multiple accounts with an identifier > (e.g., to allow multiple entities to manage certificates). > The server may declare that an authorization is only valid for a specific > order by setting the "scope" > field of the authorization to the URI for that order. 1. There are no examples in the spec of using Scope 2. The above are all instances of the word scope, which means there are no examples of two concurrent requests without a scope showing how a lack of scope might cause problems for requests (to server or client) / nor showing how the lack of a scope benefits that additional request. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
