On Thu, Nov 02, 2017 at 10:29:58AM -0400, Daniel McCarney wrote: > > I understand that these corner cases aren't a super convincing line of > argument, but I also don't think a slight preference for double CSR > strictly because it allows delivering a public key rejection error slightly > earlier in the order flow is a very convincing argument either. Does > someone have something stronger in mind?
I guess if you find any use for the key at all depends on if authorizations are order-scoped or account-scoped. If authorizations are order-scoped, then the keys could be used for additional validation methods... There is at least one method in "10 methods" that absolutely requires the key to be known (number 9). Also, if the variant of the validation method uses the key, it does not seem safe to reuse it for different key. If orders can live over 8 hours, then one MUST be prepared to take rejection at finalization anyway. Because even if CAA was checked at authorization creation, it might have been changed and consequently fail the recheck. -Ilari _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
