So here's the compromise I would propose: 1. Remove GET for certificates. I think this is a mistake, but I can grant that it's clunky as-is, and it will be straightforward to re-add it later if it's needed.
2. Keep the security considerations about capability URLs and the randomized examples. Those are needed for the correlation concerns regardless of GET. In units of PRs, I think that means: - Merge #459 (remove GET for certificates) - Merge #460 (randomize URLs) - Close #462 (meta flag for GET; obsoleted by #459) - Close #457 (remove recommendation for capability URLs; obsoleted by #459) Jacob, Daniel: How does that strike you? --Richard On Tue, Oct 9, 2018 at 10:32 AM Daniel McCarney <[email protected]> wrote: > I am also opposed to this change. I think it is a clunky solution and > there hasn't been convincing justification of why the base ACME draft needs > to carry this complexity instead of having STAR add the extensions it > requires. > > On Mon, Oct 8, 2018 at 3:27 PM Jacob Hoffman-Andrews <[email protected]> wrote: > >> > https://github.com/ietf-wg-acme/acme/pull/462 >> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ietf-2Dwg-2Dacme_acme_pull_462&d=DwMCaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=zJkImRuZ93rmhcDQ-zHtt5LOUgwqtl2aszwdEpSC0-w&s=zCXMvIeBxWA73LLbBDMobFZR09mkRMCUrP9bM5v_ylk&e=> >> >> I'm opposed to this change. It's better for STAR to just extend the Order >> object with a new "gettableCert" URL field. Less complex. >> _______________________________________________ >> Acme mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/acme >> > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
