should take a path, like CLEAN
Optional path or required path? Could still default to / if no path given, or could make the path required for consistency. Or could accept multiple paths.
I think operating on / will be the most common use case, so it would make sense to default to it, but I'll defer to you on this.
catch NoNodeException, like CLEAN
Will this work if the version of the znode is set?
Yea, the -1 means don't care about the version.
Why don't you support retryOnConnLoss?
Not sure what this means.
Would be good to test that the acls get applied recursively
The existing test does this. Set acls on /, test on /collections/collection1
maybe change your test to do this (or do both this and the secure/non-secure version, should be simple to do both probably).
I've been tinkering with a test for this, I'm having some trouble getting the providers and credentials lines up in a way that tests something meaningful. I think I can get it though.