Resending, this post seems to have been lost in the noise. Should I open
a PR? Multiple PRs?
Thanks,
Yaron
On 30/05/17 18:52, Yaron Sheffer wrote:
* Order Objects, "authorizations". The text says, "For final orders,
the authorizations that were completed." Are we using "completed" to
mean "successfully completed"? Maybe we should say so explicitly.
* Directory object: not wishing to be drawn into the TOS discussion
again, but I think the example would be more useful if the URL was
https://example.com/acme/terms/2017-5-30 instead of
https://example.com/acme/terms, because clients can then detect
changes more easily.
* Changes of Terms of Service: the example is missing the mandatory
Link header that's mentioned in the text.
* Account key roll-over: the current check #8 is "Check that the
“newKey” field of the key-change object also verifies the inner JWS."
I think that requiring that "newKey" is bitwise identical to the inner
"jwk" is both stricter and more correct.
* Account deactivation: shouldn't we also say that all pending Orders
MUST be invalidated?
* Downloading the Certificate: in the example, the client asks for a
single cert (Accept: application/pkix-cert) and receives a chain
(application/pem-certificate-chain) - is this legal? This also seems
to conflict with the last paragraph of the section.
* MIME Type: application/pem-certificate-chain - typo: "Carries a
cryptographic certificate" should be "Carries a list of cryptographic
certificates"
Thanks,
Yaron
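
The key roll-over check proposed above, comparing the key-change object's "newKey" with the inner JWS "jwk", as an added example that is not part of the original message or the ACME draft. Two parsed JWKs can carry the same key with members in a different order, so this sketch assumes the comparison is done on the RFC 7638 canonical form rather than on raw bytes; signature verification is out of scope, and the sample keys, URLs and the helper names are constructed.

```python
import base64
import json

# Members that identify a key, per key type (RFC 7638 canonical form).
REQUIRED = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def canonical_jwk(jwk):
    # Fixed member set, sorted names, no whitespace: order-independent bytes.
    members = REQUIRED[jwk["kty"]]
    return json.dumps({m: jwk[m] for m in members},
                      sort_keys=True, separators=(",", ":")).encode()

def new_key_matches_inner_jwk(inner_jws):
    """True only if payload "newKey" is the same key as the protected "jwk"."""
    try:
        header = json.loads(b64url_decode(inner_jws["protected"]))
        payload = json.loads(b64url_decode(inner_jws["payload"]))
        return canonical_jwk(header["jwk"]) == canonical_jwk(payload["newKey"])
    except (KeyError, TypeError, ValueError):
        return False  # malformed or unsupported input is rejected

# Constructed sample data: placeholder coordinates, not real keys.
KEY_A = {"kty": "EC", "crv": "P-256", "x": "AAAA", "y": "BBBB"}
KEY_A_REORDERED = {"y": "BBBB", "x": "AAAA", "crv": "P-256", "kty": "EC"}
KEY_B = {"kty": "EC", "crv": "P-256", "x": "CCCC", "y": "BBBB"}

def make_inner(header_jwk, new_key):
    return {
        "protected": b64url_encode({"alg": "ES256", "jwk": header_jwk,
                                    "url": "https://example.com/acme/key-change"}),
        "payload": b64url_encode({"account": "https://example.com/acme/acct/1",
                                  "newKey": new_key}),
        "signature": "",  # left empty: this sketch does not verify signatures
    }

if __name__ == "__main__":
    print(new_key_matches_inner_jwk(make_inner(KEY_A, KEY_A_REORDERED)))
    print(new_key_matches_inner_jwk(make_inner(KEY_A, KEY_B)))
```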