On Wed, Dec 6, 2017 at 3:38 PM, Jacob Hoffman-Andrews <[email protected]> wrote:
> On 12/05/2017 03:07 PM, Sophie Herold wrote: > > Having mentioned new-authz: The definition of new-authz is now a subset > > of new-order. Is there any reason to keep the new-authz resource at all? > > Would there be any difference in using new new-order with the exact same > > query without finalizing it? > > Yeah, I agree that this is a happy side-effect of making order > finalization an explicit step: there is now even less need for > preauthorization (i.e. new-authz). I strongly favor removing it. Eric, I > think you were the strongest voice in favor of adding preauthorization > to the spec when we moved to the new-order flow. Do you still feel it's > necessary? For context, you can accomplish the same thing by posting a > new-order for a single identifier, but not finalizing the order. > I'll let EKR speak for himself, but this seems really clumsy to me. At the very least, it requires the server to allocate more resources than it otherwise would, order+authz instead of just authz. The new-authz endpoint is simple enough (and optional enough) that I think it's worth keeping around on its own for those who want it. --Richard
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
