I'm generally skeptical of trying to enumerate what clients should **not** do. But this seems fine. I approved the PR.
On Tue, Apr 17, 2018 at 12:53 PM, Daniel McCarney <[email protected]> wrote: > There has been some confusion[0][1] around the relationship between the > "identifiers" and "authorizations" arrays in an order object. Because one > particular ACME implementation[2] returns an authorization for each > identifier in an order some developers made assumptions about the order of > the "authorizations" and "identifiers" fields in an order matching. > > There is no language in-spec that dictates the order of elements in > fields. Since server policy allows for a design in which an order object > has less authorizations than identifiers defining a sort order isn't > especially helpful anyway. There is no guaranteed 1:1 relation between > identifiers and authorizations. > > I opened a PR[3] to indicate client developers SHOULD NOT assume a sort > order for the "identifiers", "authorizations" or "challenges" fields in > server responses. This PR also includes an explicit mention that there is > no guaranteed 1:1 relationship between an order's identifiers and its > authorizations. > > - Daniel / cpu > > [0] - https://community.letsencrypt.org/t/dns-based- > validation-fails-on-renew/59027 > [1] - https://github.com/ietf-wg-acme/acme/issues/419 > [2] - https://github.com/letsencrypt/boulder > [3] - https://github.com/ietf-wg-acme/acme/pull/421 > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme > >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
