Hi, thank you for the feedback! The PR is here
<https://github.com/ietf-wg-acme/acme/pull/371> Best, Sophie On 15/12/17 16:28, Richard Barnes wrote: > +1 > > On Fri, Dec 15, 2017 at 10:24 AM, Daniel McCarney <[email protected]> > wrote: > >> Hi Sophie, >> >> I think there are two "mistakes" in this example: >> >> >> Agreed on both mistakes. Thanks for flagging! >> >> To avoid unnecessary confusion, I suggest that the table could look something >>> like this: >> >> >> I like your proposed fixes. I think the only change I'd request is that I >> think the "Fetch challenges" action should have a plural request stage "GET >> order authorization*s*". Similarly the "Respond to challenge" action >> should be plural ("Respond to challenge*s*") and should have a plural >> request "POST challenge url*s*". I think that will emphasize that there >> can be multiple authorizations in one order and multiple challenges in one >> authorization. >> >> Also the diagram seems to have a few issues: >> >> >> Agreed that we should capture the finalization step here & remove the >> "new-nonce"/"authz" inconsistencies. >> >> Sophie: Do you want to submit a PR implementing these changes? >> >> Thanks again! >> >> >> On Thu, Dec 14, 2017 at 2:08 PM, Sophie Herold <[email protected]> >> wrote: >> >>> Hi, >>> >>> I think there are two "mistakes" in this example: >>> >>> | Action | Request | Response | >>> |:---------------------|:--------------------|:----------------| >>> | Get a nonce | HEAD newNonce | 204 | >>> | Create account | POST newAccount | 201 -> account | >>> | Submit an order | POST newOrder | 201 -> order | >>> | Fetch challenges | GET authz | 200 | >>> | Respond to challenge | POST challenge | 200 | >>> | Finalize order | POST order finalize | 200 | >>> | Poll for status | GET authz | 200 | >>> | Check for new cert | GET cert | 200 | >>> >>> 1. "Poll for status" should not be "GET authz" but "GET order". >>> Only if the order is "pending" or "invalid", authz are of interest. >>> 2. "Check for new cert": There is nothing to check here. >>> >>> >>> To avoid unnecessary confusion, I suggest that the table could look >>> something like this: >>> >>> | Action | Request | Response | >>> |:---------------------|:-------------------------|:---------------| >>> | Get directory | GET directory | 200 | >>> | Get nonce | HEAD newNonce | 204 | >>> | Create account | POST newAccount | 201 -> account | >>> | Submit order | POST newOrder | 201 -> order | >>> | Fetch challenges | GET order authorization | 200 | >>> | Respond to challenge | POST challenge url | 200 | >>> | Finalize order | POST order finalize | 200 | >>> | Poll for status | GET order | 200 | >>> | Download certificate | GET order cert | 200 | >>> >>> >>> Also the diagram seems to have a few issues: >>> >>> 1. new-nonce should be newNonce (my fault) >>> 2. should "finalize" appear somewhere? maybe like this? >>> order -----> finalize >>> -----> cert >>> 3. I think "authz" could be called authorization here >>> >>> Best, >>> Sophie >>> >>> _______________________________________________ >>> Acme mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/acme >>> >> >> >> _______________________________________________ >> Acme mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/acme >> >> > _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
