On Sun, Jan 07, 2018 at 18:40:51 +0100, Sophie Herold wrote:
> I wonder if this paragraph has some special background:
>
> If the client’s response is invalid for any reason or does not
> provide the server with appropriate information to validate the
> challenge, then the server MUST return an HTTP error. On receiving
> such an error, the client SHOULD undo any actions that have been
> taken to fulfill the challenge, e.g., removing files that have been
> provisioned to a web server.
>
> Is there a reason that undoing challenge fulfilling actions, isn't
> mentioned for authorizations becoming final (valid or invalid) at all?
> Why is this "rare" case of failing responses the only one covered?

Hello,

why SHOULD a client undo any actions regardless if an authorization
failed or if the certificate was issued, etc.?
What bad might happen when a file or DNS record is *not* removed?

Maybe this should be rephrased:

The client MAY undo any actions that have been taken to fulfill a
challenge, e.g., removing files that have been provisioned to a web
server, once the authorization is final, i.e. in "valid" or "invalid"
status.

Related to this: What is the meaning of the "revoked" status of an
authorization?

Cheers,
Jörn
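
The two cleanup triggers discussed in this thread (an HTTP error answering the client's challenge response, and an authorization reaching "valid" or "invalid"), as an added example that is not part of the original message or of any ACME client. It assumes an http-01 challenge served from a local webroot; the class and function names are hypothetical and the token values are constructed.

```python
import os
import re
import tempfile

FINAL_STATUSES = {"valid", "invalid"}  # "final" as defined in the proposed wording

class Http01Provision:
    """Tracks one file written to fulfil an http-01 challenge (hypothetical helper)."""
    def __init__(self, webroot, token, key_authorization):
        # Tokens use the base64url alphabet; rejecting anything else keeps
        # a server-supplied token from escaping the challenge directory.
        if not re.fullmatch(r"[A-Za-z0-9_-]+", token):
            raise ValueError("token is not base64url")
        self.path = os.path.join(webroot, ".well-known", "acme-challenge", token)
        os.makedirs(os.path.dirname(self.path), exist_ok=True)
        with open(self.path, "w") as fh:
            fh.write(key_authorization)

    def undo(self):
        """Remove the provisioned file; returns False if it was already gone."""
        try:
            os.remove(self.path)
            return True
        except FileNotFoundError:
            return False

def on_challenge_response(provision, http_status):
    """Quoted draft text: an HTTP error answering the response triggers undo."""
    return provision.undo() if http_status >= 400 else False

def on_authorization_update(provision, status):
    """Proposed text: undo once the authorization is "valid" or "invalid".
    Other statuses, including "revoked", leave the file in place here."""
    return provision.undo() if status in FINAL_STATUSES else False

def demo():
    # Constructed sample values, not real tokens or key authorizations.
    with tempfile.TemporaryDirectory() as webroot:
        p = Http01Provision(webroot, "sample-token", "sample-token.sample-thumbprint")
        results = [on_authorization_update(p, "pending"), os.path.exists(p.path)]
        results += [on_authorization_update(p, "valid"), os.path.exists(p.path)]
        q = Http01Provision(webroot, "other-token", "other-token.sample-thumbprint")
        results += [on_challenge_response(q, 400), os.path.exists(q.path)]
        return results

if __name__ == "__main__":
    print(demo())
```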
