>
> Hi Sophie,
I think there are two "mistakes" in this example:
Agreed on both mistakes. Thanks for flagging!
To avoid unnecessary confusion, I suggest that the table could look something
> like this:
I like your proposed fixes. I think the only change I'd request is that I
think the "Fetch challenges" action should have a plural request stage "GET
order authorization*s*". Similarly the "Respond to challenge" action should
be plural ("Respond to challenge*s*") and should have a plural request
"POST challenge url*s*". I think that will emphasize that there can be
multiple authorizations in one order and multiple challenges in one
authorization.
Also the diagram seems to have a few issues:
Agreed that we should capture the finalization step here & remove the
"new-nonce"/"authz" inconsistencies.
Sophie: Do you want to submit a PR implementing these changes?
Thanks again!
On Thu, Dec 14, 2017 at 2:08 PM, Sophie Herold <[email protected]>
wrote:
> Hi,
>
> I think there are two "mistakes" in this example:
>
> | Action | Request | Response |
> |:---------------------|:--------------------|:----------------|
> | Get a nonce | HEAD newNonce | 204 |
> | Create account | POST newAccount | 201 -> account |
> | Submit an order | POST newOrder | 201 -> order |
> | Fetch challenges | GET authz | 200 |
> | Respond to challenge | POST challenge | 200 |
> | Finalize order | POST order finalize | 200 |
> | Poll for status | GET authz | 200 |
> | Check for new cert | GET cert | 200 |
>
> 1. "Poll for status" should not be "GET authz" but "GET order".
> Only if the order is "pending" or "invalid", authz are of interest.
> 2. "Check for new cert": There is nothing to check here.
>
>
> To avoid unnecessary confusion, I suggest that the table could look
> something like this:
>
> | Action | Request | Response |
> |:---------------------|:-------------------------|:---------------|
> | Get directory | GET directory | 200 |
> | Get nonce | HEAD newNonce | 204 |
> | Create account | POST newAccount | 201 -> account |
> | Submit order | POST newOrder | 201 -> order |
> | Fetch challenges | GET order authorization | 200 |
> | Respond to challenge | POST challenge url | 200 |
> | Finalize order | POST order finalize | 200 |
> | Poll for status | GET order | 200 |
> | Download certificate | GET order cert | 200 |
>
>
> Also the diagram seems to have a few issues:
>
> 1. new-nonce should be newNonce (my fault)
> 2. should "finalize" appear somewhere? maybe like this?
> order -----> finalize
> -----> cert
> 3. I think "authz" could be called authorization here
>
> Best,
> Sophie
>
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
>
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
