Rather, you should decode both token-parts, then concatenate the result, and
use the result (as a byte array) to do the key-authorization calculation.
RFC 8555 Section 8.1 says:
A key authorization is a string that
concatenates the token for the challenge with a key fingerprint,
separated by a "." character:
keyAuthorization = token || '.' || base64url(Thumbprint(accountKey))
It further says that "the token for a challenge is a string comprised
entirely of characters in the URL-safe base64 alphabet. The "||"
operator indicates concatenation of strings."
So the computation of the key authorization is a purely string-based
operation. I cannot use the decoded and concatenated byte array for it.
Best,
Richard Körber
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
