On 8/31/18 3:14 PM, Jacob Hoffman-Andrews wrote:
That winds up leaving us pretty close to being back at draft-14: Since
POST-as-GET protects resource bodies, and the currently-specified
resources are already broken down into sensitive (account) and not
(orders, authorizations, challenges, certificates), we could just as
well leave the non-sensitive resources as regular GETs.
No.
The baseline problem here is that the original analysis that determined
that orders, authorizations, challenges, and certificates were "not
sensitive" was incorrect. These are all potentially sensitive from a
privacy perspective. Perhaps not in isolation, but the problem here is
correlation, not isolation.
/a
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme