* Order Objects, "authorizations". The text says, "For final orders, the
authorizations that were completed." Are we using "completed" to mean
"successfully completed"? Maybe we should say so explicitly.
* Directory object: not wishing to be drawn into the TOS discussion
again, but I think the example would be more useful, if the URL was
https://example.com/acme/terms/2017-5-30 instead of
https://example.com/acme/terms, because clients can then detect changes
more easily.
* Changes of Terms of Service: the example is missing the mandatory Link
header that's mentioned in the text.
* Account key roll-over: the current check #8 is "Check that the
“newKey” field of the key-change object also verifies the inner JWS." I
think that requiring that "newKey" is bitwise identical to the inner
"jwk" is both stricter and more correct.
* Account deactivation: shouldn't we also say that all pending Orders
MUST be invalidated?
* Downloading the Certificate: in the example, the client asks for a
single cert (Accept: application/pkix-cert) and receives a chain
(application/pem-certificate-chain) - is this legal? This also seems to
conflict with the last paragraph of the section.
* MIME Type: application/pem-certificate-chain - typo: "Carries a
cryptographic certificate" should be "Carries a list of cryptographic
certificates"
Thanks,
Yaron
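
Added example, not part of the original message or of the ACME draft: one way a server could implement the comparison suggested in the key roll-over item, checking that the payload's "newKey" is the same key as the "jwk" in the inner JWS's protected header. It assumes "identical" is tested on the RFC 7638 canonical form of the key-defining members, because the two copies are separately serialized JSON; the helper names, key values and URLs are constructed, and signature verification is out of scope here.

```python
import base64
import hashlib
import json

# Key-defining members per RFC 7638; extra members such as "kid" or "use" are ignored.
REQUIRED = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def canonical_key(jwk):
    """SHA-256 over the RFC 7638 canonical JSON (sorted members, no whitespace)."""
    names = REQUIRED[jwk["kty"]]
    canon = json.dumps({k: jwk[k] for k in names}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

def new_key_matches_inner_jwk(inner_jws):
    """True only if payload "newKey" is the same key as the protected header "jwk"."""
    header = json.loads(b64url_decode(inner_jws["protected"]))
    payload = json.loads(b64url_decode(inner_jws["payload"]))
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return False
    jwk, new_key = header.get("jwk"), payload.get("newKey")
    if not isinstance(jwk, dict) or not isinstance(new_key, dict):
        return False
    try:
        return canonical_key(jwk) == canonical_key(new_key)
    except (KeyError, TypeError):
        return False  # unknown "kty" or a missing key member: reject

def make_inner_jws(jwk, new_key):
    """Build an unsigned, constructed key-change inner JWS for demonstration only."""
    def enc(obj):
        return b64url_encode(json.dumps(obj).encode())
    return {"protected": enc({"alg": "ES256", "jwk": jwk,
                              "url": "https://example.com/acme/key-change"}),
            "payload": enc({"account": "https://example.com/acme/acct/1", "newKey": new_key}),
            "signature": ""}

# Constructed key values (not real curve points).
KEY_A = {"kty": "EC", "crv": "P-256", "x": "constructed-x-A", "y": "constructed-y-A"}
KEY_B = {"kty": "EC", "crv": "P-256", "x": "constructed-x-B", "y": "constructed-y-B"}
```

A server would run this check in addition to verifying the inner JWS signature with the "jwk" key, not instead of it.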