According to the draft minutes, as of the end of IETF 98, the plan was to eliminate the "up" link relation from authorization to order since an authorization can belong to multiple orders and nobody seemed to rely on this relation. However, I still see this "up" relation on GitHub. Is the plan still to remove that "up" relation, has the plan changed, or is the plan to wait and see if anyone uses the relation first?
As for the "up" link relation from challenge to authorization (not mentioned on slides), this could encounter a similar problem. As a simple example to illustrate the potential problem, assume a server issues an order with two authorizations: one authorization for (http-01 or dns-01), and another authorization for (tls-sni-02 or dns-01). To prevent the client having to complete the same challenge twice, assume that the server used the same dns-01 challenge instance for both authorizations. For the common dns-01 challenge, where does the "up" relation point to? This could become a more significant issue as new identifiers, challenges, etc. are added in the future. How should this be addressed? Sincerely, Logan Widick
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
