Thanks Joern, merged. On Sun, Mar 4, 2018 at 6:57 AM, Jörn Heissler <acme-sp...@joern.heissler.de> wrote:
> Hi, > > another PR that slightly changes meaning (SHOULD NOT -> MUST NOT): > https://github.com/ietf-wg-acme/acme/pull/407 > > Section "Request Authentication" says: > "Servers MUST NOT respond to GET requests for resources that might be > considered sensitive. Account resources are the only sensitive resources > defined in this specification." > > I agree with the "MUST NOT" here as account contains e.g. my contact data. > Therefore section "Account Information" should also says "MUST NOT": > "Servers MUST NOT respond to GET requests for account resources..." > > Cheers > Joern Heissler > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme > >
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
