[Acme] [Technical Errata Reported] RFC8555 (6317)
RFC Errata System <rfc-editor@rfc-editor.org> Fri, 23 October 2020 22:20 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 111103A09A5 for <acme@ietfa.amsl.com>; Fri, 23 Oct 2020 15:20:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id du_0Q49oFp0H for <acme@ietfa.amsl.com>; Fri, 23 Oct 2020 15:19:59 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC49F3A09A3 for <acme@ietf.org>; Fri, 23 Oct 2020 15:19:59 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id B6009F4072C; Fri, 23 Oct 2020 15:19:49 -0700 (PDT)
To: rlb@ipv.sx, jsha@eff.org, cpu@letsencrypt.org, jdkasten@umich.edu, rdd@cert.org, kaduk@mit.edu, rsalz@akamai.com, ynir.ietf@gmail.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: matt@lightcodelabs.com, acme@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20201023221949.B6009F4072C@rfc-editor.org>
Date: Fri, 23 Oct 2020 15:19:49 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/5DT1MmLnE7FMaUCh5u9DuLt49tg>
X-Mailman-Approved-At: Fri, 23 Oct 2020 16:07:01 -0700
Subject: [Acme] [Technical Errata Reported] RFC8555 (6317)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Oct 2020 22:20:01 -0000
The following errata report has been submitted for RFC8555, "Automatic Certificate Management Environment (ACME)". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6317 -------------------------------------- Type: Technical Reported by: Matthew Holt <matt@lightcodelabs.com> Section: 7.5.1 Original Text ------------- The server is said to "finalize" the authorization when it has completed one of the validations. Corrected Text -------------- The server is said to "finalize" the authorization when it has successfully completed one of the validations or failed all of them. Notes ----- The current handling of failed challenges is ambiguous, or at least inefficient. To get a certificate, a client creates an Order. The client then has to validate all Authorizations ("authzs"). For each Authorization, the client needs to successfully complete one of the offered Challenges. One successful Challenge is sufficient to validate the authz. However, currently in practice, one failed Challenge is sufficient to invalidate the authz, and thus the entire Order. To try another Challenge, the client then has to first deactivate the other Authorizations (expensive) and create a new Order (also expensive), then repeat the whole process, remembering what was already tried. It is proposed that an Authorization MUST NOT be finalized until all possible challenges have failed. The client could then simply try the next Challenge. In other words, a single failed Challenge should not invalidate an authz; an authz should be "pending" until all offered challenges have failed or one has succeeded. The spec should be clear that a single failed challenge is not sufficient to finalize an authz which has multiple possible challenges. ACME servers see many, many failed validations. ACME clients need to keep more state. This change will speed up ACME transactions, lower costs for CAs, reduce code complexity, and make ACME more reliable on the whole. Real-world experience: https://github.com/mholt/acmez/commit/80adb6d5e64a3d36a56c58c66965b131ea366b8c Mailing list discussion: https://mailarchive.ietf.org/arch/msg/acme/wIHaqikTCZ59zrWsUUus8lZ4VSg/ Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC8555 (draft-ietf-acme-acme-18) -------------------------------------- Title : Automatic Certificate Management Environment (ACME) Publication Date : March 2019 Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten Category : PROPOSED STANDARD Source : Automated Certificate Management Environment Area : Security Stream : IETF Verifying Party : IESG
- [Acme] [Technical Errata Reported] RFC8555 (6317) RFC Errata System
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Deb Cooley
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Seo Suchan
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Ilari Liusvaara
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Aaron Gable
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Jacob Hoffman-Andrews