This seems sensible; rolling keys shouldn't invalidate things in transit any more than changing your Gmail password should delete your drafts folder.
I would have a little bit of a hard time calling this "purely editorial", since it specifies server behavior. But it seems like you're just codifying an expectation that at least I already had (TBH, I would not have thought to build a server otherwise), so I would be inclined to go ahead and merge it if at least one or two other people chime in.

Here's a PR: https://github.com/ietf-wg-acme/acme/pull/323

--Richard

On Mon, Jun 19, 2017 at 2:08 PM, Salz, Rich <[email protected]> wrote:

> Speaking purely as an individual.
>
> This is about Section 7.3.3
>
> It can be difficult to change the account credentials, because you have to make sure that nothing is “in transit.” For a large client, or perhaps a reseller type of arrangement, this can be difficult if not impossible.
>
> I would like to see a sentence added to the end of the section that says “rolling keys does not invalidate any challenges currently in progress.”
>
> I leave this to the WG as to whether or not this is strictly editorial. Even if there is no consensus, an explicit statement about the validity should be added. I think NOT invalidation is better, as the inverse makes changes hard.
>
> --
> Senior Architect, Akamai Technologies
> Member, OpenSSL Dev Team
> IM: [email protected] Twitter: RichSalz
>
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
