The ACME v2 announcement indicates that Pre-authorization “is an optional feature and we have no plans to implement it.” Can you provide more information about this decision?
The v1 pre-authorization feature is very useful when developing an integration as a hosting provider. In this case domains are only partially in control of the provider, and partially in control of the provider’s customer. Because of this, there are occasional authorization errors due to things like DNS configuration problems or propagation delays. This is despite best efforts to only attempt authorization on domains that are expected to succeed.
With the v1 pre-authorization workflow this means that new certificates were requested when they would almost certainly be issued. With the v2 order workflow, there’s additional overhead for both Let’s Encrypt and the implementer when the authorizations fail. This includes creating and tracking the order objects, as well as generating the CSR.
Additionally, having authorizations not dependent on the certificate request allows more flexibility in architecture, especially when parallelizing a large number of authorizations.