> On Sun, Jan 07, 2018 at 18:40:51 +0100, Sophie Herold wrote: >> I wonder if this paragraph has some special background: >> >> If the client’s response is invalid for any reason or does not >> provide the server with appropriate information to validate the >> challenge, then the server MUST return an HTTP error. On receiving >> such an error, the client SHOULD undo any actions that have been >> taken to fulfill the challenge, e.g., removing files that have been >> provisioned to a web server. >> >> Is there a reason that undoing challenge fulfilling actions, isn't >> mentioned for authorizations becoming final (valid or invalid) at all? >> Why is this "rare" case of failing responses the only one covered?
Good question. I'm not aware of any special background here. Certainly clients should client up after themselves regardless of success or failure. On 01/07/2018 10:53 AM, Jörn Heissler wrote: > > Related to this: What is the meaning of the "revoked" status of an > authorization? The server may choose to revoke certain authorizations, for instance if they were validated during a registrar compromise. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
