Re: [Acme] [Technical Errata Reported] RFC8555 (5732)
Rob Stradling <rob@sectigo.com> Wed, 21 February 2024 21:57 UTC
Return-Path: <rob@sectigo.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEA56C14CE38 for <acme@ietfa.amsl.com>; Wed, 21 Feb 2024 13:57:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sectigo.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 92WmbAx_cZbM for <acme@ietfa.amsl.com>; Wed, 21 Feb 2024 13:56:59 -0800 (PST)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2094.outbound.protection.outlook.com [40.107.223.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C7ADC14CE2B for <acme@ietf.org>; Wed, 21 Feb 2024 13:56:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PsNp7A7ZcZK8SXD681MwrXwPjDjVyr0B1lr/ze4xOstaZlmTJX+g1AcwyNVDxsjhxntxUPtGrYe4fagx/1Ag0May/U1w0SRqU+pRuc5Sw8hRNffDMva7IyRVoQZOQr2kGxV1phwcGrbg85rwarbRUzDZrSxFPLEZaj2PrCyxT6vkHAWSE8LJamx1iQAvzLj7dKy3jmhWjaM0jUD9Xo7mqWMmqrEbgSTaX6L8eGJ9jq/NaLBmS7M6WcWKJoyh+4GlwzQWiRfSyLJPZ45F3IG7snI+qdM3qYUjKuYBJDpjtLe8WWu8+YJBCqscdDGXD264dMvl0Qmp/bPR3fPA8qiW8w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xhkyEXtRyd4XliS+ww2ULfIsrglzqiWqe88Rk3dZfrs=; b=F8n7vOFYLmvpZ8AJOZV7JWbni08EM3FNBun8tABXKaMFJzv4yOWp+2aw9ZA+hvqwiGcIqNQdM3K45wW39X7buJJvhVdrK+bm/zA3VncVtRvpbD8VsBtiAIWpvOow5JN6HB5KFXD/otCDEMX1aKPAZu1q8nSFp8grF+4yDLxkLUXaMvj7Rdocks2zLveNhxsKtlzBJHC93kKO17XYMJPk2YY8ytHwypcJZE8dliBAGoNWJxayZA1lHCn2NYt3vlYXWK1725liOs+ldGqeb88i5Ms0eMbObeZ7ziEw2CpjvHEzjhJ3YEjjEHCe3j1QroPEAjxaL5fy4XA+JwSvgES6Yg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sectigo.com; dmarc=pass action=none header.from=sectigo.com; dkim=pass header.d=sectigo.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sectigo.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xhkyEXtRyd4XliS+ww2ULfIsrglzqiWqe88Rk3dZfrs=; b=Aj0wnxU6nuHnUuRUcZ8MLe8Q+DQXGY4jw5tXQII3X8L2tXUIgPHdkKK4g1lgGMH734H65kom6aaI7dhQL8EYWcxPxKqYYiNTpm5FqfPta86hLESGSKNP/ULMauiMBUpy/RBEkVHq2Z5BIB2nh1/EEp8s/V9jwxKLOD72oUgavII=
Received: from MW4PR17MB4729.namprd17.prod.outlook.com (2603:10b6:303:106::18) by SA1PR17MB5140.namprd17.prod.outlook.com (2603:10b6:806:1c3::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.21; Wed, 21 Feb 2024 21:56:56 +0000
Received: from MW4PR17MB4729.namprd17.prod.outlook.com ([fe80::3b3b:3fa4:5ce4:7015]) by MW4PR17MB4729.namprd17.prod.outlook.com ([fe80::3b3b:3fa4:5ce4:7015%7]) with mapi id 15.20.7316.018; Wed, 21 Feb 2024 21:56:56 +0000
From: Rob Stradling <rob@sectigo.com>
To: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [Acme] [Technical Errata Reported] RFC8555 (5732)
Thread-Index: AQHVEUxrCOT7zkCexU6DZXI90jrKXqcJyWoAgSlG7YCI7O6GhA==
Date: Wed, 21 Feb 2024 21:56:56 +0000
Message-ID: <MW4PR17MB4729116946EFF9361790F123AA572@MW4PR17MB4729.namprd17.prod.outlook.com>
References: <20190523094613.12695B81EDB@rfc-editor.org> <35f61c4a1188b11fc6a203d7cf0c5eeb@eff.org> <dd72cc9d0a9ff028b3c8bd404700ff08@eff.org>
In-Reply-To: <dd72cc9d0a9ff028b3c8bd404700ff08@eff.org>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=sectigo.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MW4PR17MB4729:EE_|SA1PR17MB5140:EE_
x-ms-office365-filtering-correlation-id: f25eca6e-34ff-45f2-9fd5-08dc33280571
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: X8oS5+OoZBwTPz2lrhwu/ykDNhZkDHKPpRpjWGNuFL2pBWdQ/H8gQEOHaSCK9csa6+u6eUD3j3XkPXhQ0s6Qq+VV75VINn6txKy2ufbGxLr+5wvmsMphE+gCQGxNHGANF5apZc3I7XEhkz5sx1V2T6/82/ZwHo8NxMYOUUPLN7b9C+gDFaxOXStYIcNlx+DCVSMKTaNr3a4cmewUGaBvqjBsqx8fCm5qpD+uRPKLC0uUU7ESuAGgYikIwsUuXraOatbPL0EANuSDu4y3OzB81sy+uLukmwhIdgfflAdNm44YTHqrkZQaKCmM9qAUz2zYdSIBPWl2pVN6VWNtdbGn2rsmmBpr9Oj7a3LMWUTEPJQxyehosujbubXAFADTgtIyTppeRInCBtKD+YvCHt1TH7Nx7kiaBh/KK1rrfH/qjkMKXmDPXgDhccquDNeB0U3amBOxRgdbWyE8jEsx8TCtyybvvaFCE+B9IGcnsXMhAnKuZZMRwi8RGttxMB5eLNogiSFAuRO+wbEwrA0DXKUym7qXbf1HpQcpy223DD8v+uXYJ7Fn65ou4SgASXOeg6ngKqA37Ft7pCNDm+HHL6LInSUZgn3pa3hpoUL7xsatYXU=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MW4PR17MB4729.namprd17.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(230273577357003)(38070700009); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: xflsEAFi1ivaBOJbfuHumgij1ja1oXv+bt4GqyCtUfrMD6pNLBn3O8dVFzuXCa06bRGwpQgLYrZXEaaFRtEJd6CkZPduDnhrEMh5/N8NfixGnCcGp1WuYHAz+fRQ9DlRWWKJ9NzR1G1B4gYCCR6hbpOtcLsr4HLrH741vuQdtHSCdJVzur6t+hCcGrOO6pK4VMSGH91rhJtOZfLwv/ln0MT5VxZtIM9obC8zQqamVIze6BbEppEl99CkNo2CbKF2cCJyu9nQkgr3Yr35rT/vTO+t2hwVMJFmrXPz3YiaCMXnds7KXt7fMJ0AkM1evJe+UAubMOzRiw2BBqxiuYhCW0zPc6F+HQP7gcM+JHnNls9VrIKtpa8qKLcYwArONV/pLOf4+0lOHNargHaKEJoJW0Yxt8vnEuD8Nu7dTcZ5/KImach7fCmuPHm13S4GveTfikueY0ysMXMad5MZDTK137+utCU4UWi/G0BSS6BkTRc/qc20Kt2Lqybd25NEwHc+y05F4tbrlFaI6wqatzygjfgn6shPw5KFFD0SPLXGedEpjygHx4rlMx/LD0PpJEAd1rIvCTrVVxL5JvrTNTRZ5iPoHToWz+Tyc2PHF0UMHxERbLNqTxRPDgztVkXPkA/hooqGOy0Lm8VyrQsmtnVm0DsFRZR/7lsY/PhGCNICZUbw6zkSDX9nDXCslp51k3D9ua/HNS88f/7MMmYwWH5OvwhdxeOMbtlPjvfqUpUR1pE7EDpxhIZQ4YwcCm9BL9bHAVrIBwM6LuzdLyt7JWq2OcAivbw3/OYeQJRmoGgLZ3Wio206VSASRvePJ5S604mWgktEIqjPqwvfxzacPPNXsQtEkUNrW1dcYwc0iYr5Ec1x0hy+NH5jVIAC9qC387dNI1yu7reL0+f71gSDA6Kz92uOVGG7Q8xRBfgrOtyHRahU1UxFbepURCqnf30wQBrY0RPcoKYmcrDjlF3wadK3BzSlzB7THNZxg269rz7jxELAXy7ZOMKNML8fZSUyaDBUGjmTbq4yAAvS81+a+7USde8SW+h9UFAilGe3tjEov31zlN3l5GFhRIe1zHpFHgiSFH7UWdoHuE4QBZ/ZsmqVYvBMlTpYPBhQryIXrtTqzpMCCUM/oSyY+I+yRWX1uxIrMGZmsRVPiBAqXqsK8BCrA9iG9JXpGeLQ3DGi5owAh/u8GqWUBaB1y/WAkkyhxNrpNcv7dH51smIW/ajY54j1BDP0xVAQ+a5tmkmNjcdMt1nmXbsOuLU1VP/2O5j5O6i7gS/VeiJe68S+ahrdT76f3F0CanS0J/CphzmWBercr9IAnI5feuvPF9eOswAmWg0rVv1GpeuBxWYJFYa2maePzwA62Nbo1t0AdIgueYn6yrm6AaMJhawN5Ozx+8kipYaa7RfYEY9+wNK57Z41HZTtfMzPpCuB4rdLyqhd9sUUEQAsii3erOJWKCOEJ6Oi7qEyWRtU6KJZOcHnmR+h/Lq3ZfsC8xPlm1TkWm3xbEZ0WOA2WC2eGoeeX2pRBjUbjuYTQzOqDPtG25UQzKHRphApa27EKUbvYjk26suzQOWiB/Y=
Content-Type: multipart/alternative; boundary="_000_MW4PR17MB4729116946EFF9361790F123AA572MW4PR17MB4729namp_"
MIME-Version: 1.0
X-OriginatorOrg: sectigo.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MW4PR17MB4729.namprd17.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f25eca6e-34ff-45f2-9fd5-08dc33280571
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Feb 2024 21:56:56.2285 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0e9c4894-6caa-465d-9660-4b6968b49fb7
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wFKjnBuw/D9BP3jTs89oD4GkDWCdECgJdbfB/cD0yhhFFhidhZ5cLh+nE80Du3GxRcjqutpoL9xBL2xFoFuuog==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR17MB5140
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/0mFyeuagqNJ49GqgNVsS0s0yFIQ>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5732)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2024 21:57:02 -0000
Given the recent interest in processing the backlog of RFC8555 errata reports, could I please ask again for https://www.rfc-editor.org/errata/eid5732 to be reviewed, approved, and marked as "Verified"? On 4th October 2019, Jacob wrote: "As an author, I think this erratum should be approved." (see https://mailarchive.ietf.org/arch/msg/acme/JjLqCSwehaT406A5FxVfTOWYqkw/) ________________________________ From: erica <erica@eff.org> Sent: 29 February 2020 00:44 To: RFC Errata System <rfc-editor@rfc-editor.org> Cc: rlb@ipv.sx <rlb@ipv.sx>; jsha@eff.org <jsha@eff.org>; cpu@letsencrypt.org <cpu@letsencrypt.org>; jdkasten@umich.edu <jdkasten@umich.edu>; rdd@cert.org <rdd@cert.org>; kaduk@mit.edu <kaduk@mit.edu>; rsalz@akamai.com <rsalz@akamai.com>; ynir.ietf@gmail.com <ynir.ietf@gmail.com>; Rob Stradling <rob@sectigo.com>; acme@ietf.org <acme@ietf.org> Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5732) CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Circling back on this -- I'd still like to see this get verified; are there any additional evidence or actions on Certbot's part that could help with that? On 2019-08-23 14:02, erica wrote: Hi, Erica from Certbot here. I'd love to see this get verified -- it seems impossible to implement the "retrying challenges" section as the spec currently stands. On 2019-05-23 02:46, RFC Errata System wrote: The following errata report has been submitted for RFC8555, "Automatic Certificate Management Environment (ACME)". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata/eid5732 -------------------------------------- Type: Technical Reported by: Rob Stradling <rob@sectigo.com<mailto:rob@sectigo.com>> Section: 8 Original Text ------------- A challenge object with an error MUST have status equal to "invalid". Corrected Text -------------- A challenge object with an error MUST have status equal to "processing" or "invalid". Notes ----- Section 8.2 says that 'The server MUST add an entry to the "error" field in the challenge after each failed validation query'. However, if the challenge must then become "invalid", it is never possible to retry any validation query (because "invalid" is a final state for a challenge object). This erratum is necessary to permit validation query retries to ever happen. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC8555 (draft-ietf-acme-acme-18) -------------------------------------- Title : Automatic Certificate Management Environment (ACME) Publication Date : March 2019 Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten Category : PROPOSED STANDARD Source : Automated Certificate Management Environment Area : Security Stream : IETF Verifying Party : IESG _______________________________________________ Acme mailing list Acme@ietf.org<mailto:Acme@ietf.org> https://www.ietf.org/mailman/listinfo/acme
- [Acme] [Technical Errata Reported] RFC8555 (5732) RFC Errata System
- Re: [Acme] [Technical Errata Reported] RFC8555 (5… erica
- Re: [Acme] [Technical Errata Reported] RFC8555 (5… Jacob Hoffman-Andrews
- Re: [Acme] [Technical Errata Reported] RFC8555 (5… erica
- Re: [Acme] [Technical Errata Reported] RFC8555 (5… Rob Stradling
- Re: [Acme] [Technical Errata Reported] RFC8555 (5… Amir Omidi