On the ACME mailing list I asked about the Location header for finalize order responses being required or optional, and @aarongable weighed in that it's not a requirement but it is nice to provide. I agree and think it's great for boulder to provide the header, but I also think that it would be better for pebble to drop the header aka revert #85.

Pebble is pretty commonly used as the reference server for new ACME clients, and it seems like including this header has created a de facto assumption that all servers will include the header. It's great for clients since they can rebuild an order object from scratch using just the response from finalize if the Location header is present. But there are ACME servers (like Buypass.com) that do not include this header, so any client that depends on the presence of the header may not be compatible. Here's an example: unixcharles/acme-client#250

Would you consider a PR to remove the Location header from finalize order responses, either conditionally (via an env var or cli flag) or unconditionally? Or alternatively, randomly include it only a percentage of the time in a similar way to the PEBBLE_WFE_NONCEREJECT env var?