We could say "MUST begin the issuance process" The main things on my mind that could delay issuance slightly: - Submitting to CT - Checking CAA - Internal queuing for available capacity - Manual vetting
I think "MUST begin" covers for all of those, while allowing some vagueness as to how long they will take. On 03/22/2017 09:39 AM, Daniel McCarney wrote: > Hi Zach, > > For background I think this MUST originated out of this > thread: > https://mailarchive.ietf.org/arch/msg/acme/0lVmGl8e-rmSH0x7ycDW5dj6GAY > > I would prefer option A) as well. It seems better to clear up the > non-normative language than to step backwards to a place where > proactive issuance may or may not happen without a clear signalling to > the client of which a server will do. > > I think the use of "shortly" here is to allow the server some grace to > determine that the order is completed and issuance can be performed. > Perhaps we could change the language to say "The server MUST issue the > requested certificate and update the order resource with a URL for the > certificate after it has determined the client has fulfilled the > server's requirements" and not impose any specific mention of the time > between the client completing the challenges and the server noticing. > Thoughts? > > On Wed, Mar 22, 2017 at 1:14 AM, Zach Shepherd <[email protected] > <mailto:[email protected]>> wrote: > > The following feedback is based on 8010a31 (current HEAD of master). > > Section 7.4, Applying for Certificate Issuance, states "The server > MUST issue the requested certificate and update the order resource > with a URL for the certificate shortly after the client has > fulfilled the server’s requirements." > > Per RFC 2119 Section 6, the imperative MUST should be used with > care and sparingly. > > The use of "shortly" in the above sentence is imprecise. It is not > possible for a server author to know, with confidence, that they > are adhering to this requirement. It is not possible fore a client > author to make design or implementation decisions based on this > requirement. > > I would propose either: > a) Replacing "shortly" with a more precise expectation. > b) Replacing "MUST" with "should". > > I believe there are advantages for setting expectations as to the > turn-around time for certificate issuance and would therefore > prefer option (a), assuming agreement could be reached on more > precise language. > > Regards, > Zach Shepherd > > _______________________________________________ > Acme mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/acme > <https://www.ietf.org/mailman/listinfo/acme> > > > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
