Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

Aaron Gable <aaron@letsencrypt.org> Mon, 12 February 2024 18:46 UTC

From: Aaron Gable <aaron@letsencrypt.org>
Date: Mon, 12 Feb 2024 10:45:47 -0800
Message-ID: <CAEmnEreXnzrpHBUoR7SwkrubkoPFObkNKNr2uX6Lvr49KoBTzA@mail.gmail.com>
To: Deb Cooley <debcooley1@gmail.com>
Cc: Jacob Hoffman-Andrews <jsha@eff.org>, "Owen Friel (ofriel)" <ofriel@cisco.com>, "rlb@ipv.sx" <rlb@ipv.sx>, "jdkasten@umich.edu" <jdkasten@umich.edu>, "acme@ietf.org" <acme@ietf.org>, Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/HhVG12ABb5SOfglGe_tEcUWx5o8>

Looks good to me.

Aaron

On Fri, Feb 9, 2024 at 3:39 AM Deb Cooley <debcooley1@gmail.com> wrote:

> The ADs can edit the language of an errata.  If we can agree on the
> language, they can modify the errata and then mark it as Verified.  Below
> is what I have for this:
>
> ------------------------------------------
>
> Errata old:
>
> Section 7.4.1, It should say:
>
> If a server receives a newAuthz request for an identifier where the authorization object already exists,
> whether created by CA provisioning on the ACME server or by the ACME server handling a previous newAuthz
> request from a client, the server returns a 200 (OK) response with the existing authorization URL in the
> Location header field and the existing JSON authorization object in the body.
>
> ----------------------------------------------
>
> Errata new:
>
> Section 7.4.1
>
> It should say:
> If the server has an existing authorization for the identifier, depending on server policy, the server may return a 200 (OK)
> response with the existing authorization URL in the Location header field and the existing JSON authorization object in the body.
> ----------------------------------
>
> Is this correct?  Or does it need to be tweaked?
>
> Deb
>
>
> On Thu, Jan 4, 2024 at 1:29 PM Jacob Hoffman-Andrews <jsha@eff.org> wrote:
>
>> > That’s fair. The text should probably state something along the lines of
>> >
>> > “If the server has an existing authorization for the identifier,
>> > depending on server policy, the server may return a 200 (OK) response with
>> > the existing authorization URL in the Location header field and the
>> > existing JSON authorization object in the body.”
>>
>> This sounds good to me. Thanks for the update.
>>
>
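The behaviour the revised erratum text allows, sketched as an added example that is not part of this thread and not taken from any ACME server: a newAuthz handler that returns 200 (OK) with the existing authorization when policy permits reuse and 201 (Created) otherwise, plus a client helper that accepts both. The class and function names, the `ca.example` URL, the 7-day lifetime, the lowercasing of the identifier, and the rule that only a live authorization on the same account is reused are assumptions standing in for one possible "server policy".

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from itertools import count

@dataclass
class Authz:
    url: str
    account: str
    identifier: tuple          # (type, value)
    status: str
    expires: datetime

    def body(self):
        return {"status": self.status, "expires": self.expires.isoformat(),
                "identifier": {"type": self.identifier[0],
                               "value": self.identifier[1]}}

@dataclass
class Server:
    reuse_existing: bool       # hypothetical knob for the erratum's "server policy"
    base: str = "https://ca.example/acme/authz/"   # constructed URL
    store: list = field(default_factory=list)
    ids: count = field(default_factory=lambda: count(1))

    def new_authz(self, account, ident_type, value, now):
        ident = (ident_type, value.lower())        # assumed normalisation
        if self.reuse_existing:
            for a in self.store:
                # Assumed policy: reuse only an unexpired pending/valid
                # authorization that belongs to the requesting account.
                if (a.account == account and a.identifier == ident
                        and a.status in ("pending", "valid")
                        and a.expires > now):
                    return 200, {"Location": a.url}, a.body()
        a = Authz(f"{self.base}{next(self.ids)}", account, ident,
                  "pending", now + timedelta(days=7))
        self.store.append(a)
        return 201, {"Location": a.url}, a.body()

def client_authz_url(status, headers):
    # Client side: 200 (existing) and 201 (new) both carry the
    # authorization URL in the Location header field.
    if status not in (200, 201):
        raise ValueError(f"newAuthz failed with HTTP {status}")
    return headers["Location"]
```

Because reuse is optional under the revised wording, a client cannot rely on a repeated newAuthz returning the same URL and should take whichever URL the Location header carries.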