On Wed, Dec 27, 2017 at 08:01:15PM +0100, Sophie Herold wrote: > Hi, > > sorry to come up with this issue that late, but it is currently blocking > client implementation for me. > > > I think that the definitions of order status meanings are not covering > all possible server states. > > > “pending”: The server does not believe that the client has fulfilled the > > requirements. Check the “authorizations” array for entries that are still > > pending. > > = client action needed > > > “processing”: The server agrees that the requirements have been fulfilled, > > and is in the process of generating the certificate. Retry after the time > > given in the “Retry-After” header field of the response, if any. > > = authorizations are 'valid' = the server has validated the challenge > > > That leaves no status at which the server is validating the challenge. > Which in turn raises the question how exactly the order/finalize and > polling flow should look like. > > > (I also think that the meaning of the status fields for authorization > and challenge objects should be defined explicitly. Currently, the > challenge status even seems to be lacking a way to represent that the > client has responded to the challenge.) > > > For reference: I have also create an issue for pebble that is related to > those problems > > <https://github.com/letsencrypt/pebble/issues/81> > > It almost seems like there are different interpretations of the current > spec.
Also, I may be botching things but: Doesn't this also interact with finalization? Checking the Editor's copy, I see four states for order: - invalid: "This order is invalid" - pending: "Missing one or more authorizations" - processing: "Finalization received, manufacturing certificate" - valid: "Here is your certificate". However, with finalizations, there would be fifth state: "Authorizations are in, waiting for finalization". Seemingly either that fifth state needs to be added, or the definitions of states altered so that that state is folded with pending state. The text of "processing" state might need a bit of adjustment regardless. Also, authorization objects have "processing" state, which presumably means "I am working on validation right now". However, I do not see definitions for the authorization object states anywhere. -Ilari _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
