Re: [Acme] Responding to challenges - spec bug?

Rob Stradling <rob@sectigo.com> Wed, 22 May 2019 11:34 UTC

From: Rob Stradling <rob@sectigo.com>
To: "acme@ietf.org" <acme@ietf.org>
CC: Jörn Heissler <acme-specs@joern.heissler.de>
Date: Wed, 22 May 2019 11:34:04 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/A2H7eJv3xEbXhrEHdBd-O2ZArSw>
List-Id: Automated Certificate Management Environment <acme.ietf.org>

On 20/05/2019 20:29, Jörn Heissler wrote:
> On Mon, May 20, 2019 at 15:56:21 +0000, Rob Stradling wrote:
>> How would folks feel about an erratum to change that sentence in section
>> 7.5.1 to the following:
>>     'The client indicates to the server that it is ready for the challenge
>>      validation by sending a POST request to the challenge URL (not the
>>      authorization URL), where the body of the POST request is a JWS
>>      object whose JSON payload is a response object (see Section 8).  For
>>      all challenge types defined in this document, the response object is
>>      the empty JSON object ({}).'
>> ?
> 
> Hello,
> 
> I agree with your finding and your suggested erratum.

Thanks Jörn.

I've filed an erratum for this:
https://www.rfc-editor.org/errata/eid5729

-- 
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
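
The request shape described in the proposed erratum text quoted above, shown as an added example that is not part of the original message or of RFC 8555: a server-side check that tells a challenge response (payload `{}`, which base64url-encodes to `e30`) apart from a POST-as-GET (zero-length payload) and from a POST whose `url` header names something other than the challenge URL. The `ca.example` URLs, the nonce, the `kid` and the signature placeholder are constructed; signature and nonce verification are assumed to happen elsewhere, and flagging a non-empty response object is this example's own choice.

```python
import base64
import json

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_jws(url: str, payload: bytes) -> dict:
    """Build a flattened JWS body; all values are constructed samples."""
    protected = {
        "alg": "ES256",
        "kid": "https://ca.example/acme/acct/1",   # constructed account URL
        "nonce": "constructed-nonce",
        "url": url,
    }
    return {
        "protected": b64url_encode(json.dumps(protected).encode()),
        "payload": b64url_encode(payload),
        "signature": "SIGNATURE-PLACEHOLDER",       # not a real signature
    }

def classify_challenge_post(jws: dict, challenge_url: str) -> str:
    """Classify a POST by its url header and payload only.
    Signature, nonce and account checks are assumed to happen elsewhere."""
    try:
        protected = json.loads(b64url_decode(jws["protected"]))
    except ValueError:
        return "reject: protected header is not base64url JSON"
    if not isinstance(protected, dict) or protected.get("url") != challenge_url:
        return "reject: url header is not the challenge URL"
    if jws["payload"] == "":
        # Zero-length payload is a POST-as-GET: a read, not a response.
        return "post-as-get: return the challenge, do not start validation"
    try:
        payload = json.loads(b64url_decode(jws["payload"]))
    except ValueError:
        return "reject: payload is not base64url JSON"
    if payload == {}:
        return "respond: client is ready, validation may start"
    # Assumption of this example: anything else is flagged, not accepted.
    return "unexpected: response object is not {}"
```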