> I would note that the most recent version of the spec to have > new-authz also used 303 when it found an existing authz. So wherever > we end up, we should be consistent between those two cases. Good point. > > As far as 3XX (your argument is not specific to 303) -- it seems like > the POST->GET change is only an issue for libraries that automatically > follow redirects, which I don't think is a universal behavior. It's not universal behavior, but it may preclude implementation with some libraries. It would be good to have more data on this front. Any chance you have time to test, e.g. XHR, Python requests library, and Node requests library?
> But I would be open to returning a 2XX if we could find a good one. > Probably would want to send Content-Location for the URL. I'm leaning towards 200 on these, but still willing to be convinced.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
