IETF Logo Mail Archive

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

"Owen Friel (ofriel)" <ofriel@cisco.com> Thu, 04 January 2024 13:31 UTC

Return-Path: <ofriel@cisco.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C3ACC18DB9B for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 05:31:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.604
X-Spam-Level:
X-Spam-Status: No, score=-9.604 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o735G-WenyGm for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 05:31:04 -0800 (PST)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4917BC14CEFF for <acme@ietf.org>; Thu, 4 Jan 2024 05:31:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; i=@cisco.com; l=5890; q=dns/txt; s=iport; t=1704375064; x=1705584664; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=1+6CMzh/420Zcg3tIteTWv55aev32+lKEDsa9R7YqLw=; b=JAYU2s5neQyaZ0DDhMsE0BmQf4/+3jEJqm2HErE5Y5DzBl0dbFo3IQLX OpzZcU6TYEF3f2KRASebwZkmxMsv17WHvvlisHBLKwVuMKZ2pieXlSLVs S6uTT067+myvoIa3pTKoE6XWtg4wOEXGMdaVHFGsztG06e7SUqftCOgxt E=;
X-CSE-ConnectionGUID: 31QqUTu+TY6g5Tr9x2TO/Q==
X-CSE-MsgGUID: CBnVj8I2SF+8XwU3liGI6A==
X-IPAS-Result: A0AHAADlsZZlmJldJa1aDg0BAQEBAQEBAQUBAQESAQEBAwMBAQFAJYEXBQEBAQsBgTUxUnoCgRdIiB4DhS2Iaotdi1SGUIElA1YPAQEBDQEBRAQBAYUGAoc1AiY1CA4BAgQBAQEBAwIDAQEBAQEBAQEGAQEFAQEBAgEHBRQBAQEBAQEBAR4ZBQ4QJ4V5hkUBAQEBAxIbTBACAQgRBAEBLyARHQgCBAENBQgagl4BghcUAzEDAaJQAYFAAoooeIE0gQGCFgWwGg2CVIFIAYd8HgGBToFugiuEOycbgUlEgVeCaD6BBYEaggwahBKCLwSCG4JlXYRlikRUeSUDXSAIBGoFFg8eNxEQEw0DCG4dAjE8AwUDBDIKHAshBRNCA0AGSQsDAhoFAwMEgTAFDRoCEBoGDCYDAxJJAhAUAzsDAwYDCjEDMFVCDFADZR8yCTwPDBoCGx4NJyMCLEIDEQUQAhYDJBYENhEJCygDLAY4AhIMBgYJXSYWCQQlAwgEA1QDI3QRAwQKAxQHCwdQA0QdQAMLbT01Bg4bBQSBNgWSRoRnmGiLYKJLcAqEEZsghikXqg6YTSCRRZZYAgQCBAUCDgEBBoFkATiBW3AVgyJSGQ9YjWGTEwgBPHY7AgcLAQEDCYhwLYFKAQE
IronPort-PHdr: A9a23:vtO2iRfI/hA/kqz4rMFvd30KlGM/f4qcDmcuAtIPkblCdOGk55v9e RCZ7vR2h1iPVoLeuLpIiOvT5rjpQndIoY2Av3YLbIFWWlcbhN8XkQ0tDI/NCUDyIPPwKS1vN M9DT1RiuXq8NBsdA97wMmXbuWb69jsOAlP6PAtxKP7yH9vVgd622uSa8JzIaAIOjz24Mvt+K RysplDJv9INyct6f78swwHApGdJfekeyWJzcFSUmRu9rsvl9594+CMWsPUkn/M=
IronPort-Data: A9a23:hH7YRKva0lI9PFB24WiWVCUlP+fnVCReMUV32f8akzHdYApBsoF/q tZmKWGCOv2MamPyKNtzOoWx8R9Tv5OBzdVgTAs9ris2FiIWgMeUXt7xwmUckM+xwmwvaGo9s q3yv/GZdJhcokf0/0rrav656yAkiclkf5KkYMbcICd9WAR4fykojBNnioYRj5Vh6TSDK1vlV eja/YuHZDdJ5xYuajhIs/vb9Es21BjPkGpwUmIWNKgjUGD2zxH5PLpHTYmtIn3xRJVjH+LSb 44vG5ngows1Vz90Yj+Uuu6Tnn8iG9Y+DiDS4pZiYJVOtzAZzsAEPgnXA9JHAatfo23hc9mcU 7yhv7ToIesiFvWkdOjwz3C0HgkmVZCq9oMrLlDk6PWK8nHbMEfdnfozMFtnLdck3aFOVDQmG fwwcFjhbziZjO6whbm8UOQp3IIoLdLgO8UUvXQIITPxVKl9B8ucBfSRo4YFh1/chegWdRraT 80XcztiaDzLYgZEPREcD5dWcOKA3CGjKmQG9A7JzUYxy0P5yjJzgJm3C/SWKuyVeJ5Rn2m5+ EuTqgwVBTlBaYTAkmDamp62vcfGlib2cIMfCLP+8eRl6GB/3UQJAxEQEFC8u/T80Ai1WslUL Aof/S9GQbUOGFKDFYDERiCEvT24j0ATBuZKQv1g1CbK8/+Bi+qGPVQsQjlEYd0gkcY5Qz02y 1OE9+8F4xQy4NV5rlrDrt+pQSOOBMQDEYMVicY5oeYt+dLvpsQ4iQjCC4wlG6+uhdqzEjb1q 9xrkMTcr+tP5SLo//znlbwiv95KjsOZJuLSzlmPNl9JFisjOOaYi3WAsDA3F8poIoeDVUWmt 3MZgcWY5+1mJcjSzHDUEb9WQu/zv6zt3NjgbbhHQshJG9OFpSfLQGysyGAWyLpBa59bKWGzP Cc/RysLvsMMVJdVUUOHS9nsU5txl/eI+SXNXfHPZd0GeYlqaAKC52lvY0XWt10BY2By+ZzTz ayzKJ72ZV5DUPwP5GPvG481j+Rxrghgnjy7eHwO50n9uVZoTCTLGe5t3ZrnRr1R0Z5oVy2Po o8PaprSmk8BOAA8CwGOmbMuwZkxBSFTLbj9qtdccaiIJQ8OJY3rI6a5LW8JE2C9o5loqw==
IronPort-HdrOrdr: A9a23:bWqBDq4A/Rj55WlYqgPXwYiCI+orL9Y04lQ7vn2ZFiYlEfBwxv rPoB1E737JYW4qKQ8dcLC7VJVpQRvnhPhICPoqTMaftWjdySSVxe5ZnPHfKlHbaknDH6tmpN hdmstFeZPN5DpB/LvHCWCDer5KrqjkgcWVbKXlvgtQpGpRGthdBnJCe32m+zpNNXF77PQCZf 2hz/sCjQCNPV4QacO2DGQEWe/sm/3n/aiNXTc2QzQcxE2rlz2H1J7WeiL04v4ZaVxy6IZn1V KAvx3y562lvf3+4ATbzXXv45Nfn8ak4sdfBeSX4/JlagnEu0KNXsBMSreCtDc6rKWE81Axiu TBpB8mIoBa927RRGeouhHgsjOQkwrGqkWSi2Nws0GT5fARdwhKTPapQrgpNCcx3nBQ+e2UFp g7hl5x+aAnVS8o1x6Nl+QgHysa5XZc50BS0NL6SxdkINEjgHg7l/1FwKtYfa1wbh7S+cQpFv JjA9rb4+sTeVSGb2rBtm0q29C0WG8vdy32CHTql/blmwS+pkoJhHcw1YgahDMN5Zg9Q55L66 DNNblpjqhHSosTYbhmDOkMTMOrAiiVKCi8fF66MBDiDuUKKnjNo5n47PE84/yrYoUByN83lI 7aWF1VuGYucwblCNGI3pdM7hfRKV/NEAjF24Vb/dx0q7f8TL3kPWmKT00vidKpp7EFDsjSS5 +ISdtr6j/YXB3T8KpyrnrDssNpWAwjueUuy6IGZ24=
X-Talos-CUID: 9a23:/ppKWG2zBQtm0A32Nto9uLxfQZkca0Dh0TTsEhG3VFpzGa3PdXjXwfYx
X-Talos-MUID: 9a23:iKeTxQzVXLRkRAfjp0p35Xejtg2aqI+EDn4PwbRcgOfHZRxvBmyZjRuWHKZyfw==
X-IronPort-Anti-Spam-Filtered: true
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-6.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jan 2024 13:31:03 +0000
Received: from rcdn-opgw-4.cisco.com (rcdn-opgw-4.cisco.com [72.163.7.165]) by rcdn-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id 404DV23Y023137 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <acme@ietf.org>; Thu, 4 Jan 2024 13:31:03 GMT
X-CSE-ConnectionGUID: 4ObzwNvbQ9iRUQNlEaltlQ==
X-CSE-MsgGUID: vUR+sxCgSiePA5fWu/Cc2Q==
Authentication-Results: rcdn-opgw-4.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=ofriel@cisco.com; dmarc=pass (p=quarantine dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="6.04,330,1695686400"; d="scan'208,217";a="22886345"
Received: from mail-mw2nam12lp2041.outbound.protection.outlook.com (HELO NAM12-MW2-obe.outbound.protection.outlook.com) ([104.47.66.41]) by rcdn-opgw-4.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jan 2024 13:31:02 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Kr+vdyKky4K6e450KrTGgXxxPAEbiMIu/hvB5zDVY9SYGAMLDD+xx0BTx979Mj6xHMfdE7ULdr8UKRhXdBpO6/zUzc0h3YTqpSlwVCBYr5XrG+zL90Dlh/6LH2FHGFU16+BEhcJEk+KMr2BFGUyYCiGkXI3zRsu+WwpK5WAOaMDN8yfqPnMKlaVb8ZfVak4U279e7eTM7g1eFAbIdzsp4wBe4b3u7SoeJtjUJ35IP7/10wmQR6CkCaqjcq9rDUHtH6VBANm495nUwDExTpbt1CQgBx4lrqlVtfWOpfT3H0lQuK3tgrQxLd7Xa99LXqizzOaGhPWcIlRh44arKey2kQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1+6CMzh/420Zcg3tIteTWv55aev32+lKEDsa9R7YqLw=; b=I9TtrUNsw23kzDw4SjPiZITA3BDX9k/RNLyNYiagxg4FDnHQIqQ/c4Xt4Mu/1lAJ6Bfmcu8s/hdOUWjjXSvTIcSqpisvRzhjk7Y/Q+iuCVDHfpUxl+thtk75gGgnuSfP7k97FiigzleBKnQCGIqwo58Vp5wE+mxO69+ssWGwaluyL4O1u974nHkzWYVaKllmRqCJq4n+cP3F2If6remxtsQdB34zdIW126HqYYPjcbZhG2uPIdZVyhZ8NKIxExV0jmH4tCZmhWvYw+lEIJuPf3kLwqlpwjfrcwht9RKhM0XQ32QBGaF63PqLLezysrnt8Xc0rozmVcpUkXwnhkkZlA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
Received: from BYAPR11MB3078.namprd11.prod.outlook.com (2603:10b6:a03:87::21) by CY8PR11MB7313.namprd11.prod.outlook.com (2603:10b6:930:9c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7135.25; Thu, 4 Jan 2024 13:31:00 +0000
Received: from BYAPR11MB3078.namprd11.prod.outlook.com ([fe80::54d4:a7be:70ce:2233]) by BYAPR11MB3078.namprd11.prod.outlook.com ([fe80::54d4:a7be:70ce:2233%5]) with mapi id 15.20.7159.015; Thu, 4 Jan 2024 13:31:00 +0000
From: "Owen Friel (ofriel)" <ofriel@cisco.com>
To: Jacob Hoffman-Andrews <jsha@eff.org>, Deb Cooley <debcooley1@gmail.com>, "rlb@ipv.sx" <rlb@ipv.sx>, "jdkasten@umich.edu" <jdkasten@umich.edu>, "cpu@letsencrypt.org" <cpu@letsencrypt.org>
CC: "rdd@cert.org" <rdd@cert.org>, "ynir.ietf@gmail.com" <ynir.ietf@gmail.com>, "acme@ietf.org" <acme@ietf.org>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>
Thread-Topic: [Acme] [Technical Errata Reported] RFC8555 (5861)
Thread-Index: AQHVcfqtPy5SyjgIkUKHYniALpZQIbDRjkOAgACUtICAARw70A==
Date: Thu, 04 Jan 2024 13:30:59 +0000
Message-ID: <BYAPR11MB3078E4B19A4D2134E56180F7DB672@BYAPR11MB3078.namprd11.prod.outlook.com>
References: <20190923103508.6D126B80D81@rfc-editor.org> <CAGgd1OfecWRy4wZwLoBhzQKYNY8_hbQ2EN+CHdWtNffyc7k5MQ@mail.gmail.com> <CH0PR20MB67082ED780F3C22618C607C6DB60A@CH0PR20MB6708.namprd20.prod.outlook.com>
In-Reply-To: <CH0PR20MB67082ED780F3C22618C607C6DB60A@CH0PR20MB6708.namprd20.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BYAPR11MB3078:EE_|CY8PR11MB7313:EE_
x-ms-office365-filtering-correlation-id: c476466e-9973-441d-4602-08dc0d2963d3
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: eDGP1mfKVVmKxxpRnuJ9HqcnW8psMni52E4UfzXr4BMHcVvTUTJ62LuUe/ISzPOMt0wqgj4zIyM6CRn1DyHxEcZ6YfgVDU2lFCClNye6ENV9Yt0DJg4vceFVOsVXoQNh8wqL4oRddSHjsbKkKpcAWFFaA5gvTWGYyoBpAOirAGAVEGZ4RNJBqXyfYRYKv0EHLmanlihecmUcnv43UIE8zJkoLycNlCNFD7IbgF8vWDQkEj+XUU7q0NnuUpKGRkQso2Jq17lXbJHHoVlZCWYbS1AoUs4SMi1AklXxK27dar62xW0hfXHdPYGmA9pL+TFR01egMp4IjTtFNKXMEUvwZGTRYL/sDBMrpdBcZ6KrGg2p9VSj+CJ0bLuCwmi2P4a/VqYRmp0pau/xyPj43HtYefh5vZZpMVFM8kI+4OGRFWKCPj49KoYnB3WCn5ih62Kt6zxAy2uuYZsbHG1xK/wm9ZeQ/5iW6YzhkqpHQajQXg5monjTNf3uKYOhqBpK2WaaxEsMtasSuqJc1sGNqa6N+uRPoT9e03WkoS9os73iLumAB50euGcl8mKFxKsEFLgzZ4EBLqtrM1h+sYcXZGBhKcyFQhxq66im5Uvhpmy6+wMAwExVZMDzG0izmlJK5J4o1ninrk1DzVbJzYJLzAGCmg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR11MB3078.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(39860400002)(346002)(396003)(376002)(136003)(366004)(230922051799003)(186009)(64100799003)(451199024)(1800799012)(55016003)(33656002)(9686003)(66556008)(66476007)(7696005)(6506007)(66446008)(76116006)(53546011)(64756008)(38070700009)(86362001)(66946007)(83380400001)(122000001)(2906002)(38100700002)(8936002)(4326008)(52536014)(71200400001)(8676002)(478600001)(5660300002)(41300700001)(54906003)(316002)(110136005)(19400905002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: tfgDZtb2Rbvs9hYOA28EbXSpgVIsGMH2TU4Unbszh4hJOwiJqZ9EFbjtSDb7/Zli5gFhGSJBHJiIgTqax1yWhlqhKJGVfU6LrqqW05N6qLlmkZzAnn28tTEUeBi1hUXdAyd3niABkjMtkxBnB1gmFadYZBRoOs91iA4zieuVgUwbCaZ7bVdhtZ3MQFcZSoimKy3Q1rL0nvn21Eq4vApCqmtUwa61PeOjHRLzKPskG0BIVaUT/IM256Ad6PBYgOLZ937bMH8WmMGhxC9h8j+x4oCifNl+JtS6CHGn1Wse3xTzP2yS3ruInVhkbXWhJH6dSG2gh5xFgL/9ApLFaM7Z69fPrh76/PYGHA00cbxx9Cc4uDnZNWDQpue4Gf4oqXf2WvDCbmesUjD0t+Cv5F4040JGSpV2pWEYTovEc4TivYmxvBHdPW4JZXmSWaPjf1jZ5OIt+OWa9Ha/8gbs+zCab3TZcrUQDSiK+YMj198ZChJD7n99U8O/VYAKR2MF8PS/JndVezXv0MHoyZiH/R31mEsls+x+O4SJgimKVJSa/oFvZH3o2K94LeU359XuEPlXuWkfPl3waOgdyesRrlf/LJ51TDYK6ZmnUqaRsrKu7RdUlOORL4FpTHxmB2dp6/tlTCZlEkJ5IJZdCMrHsMtvL3UqSF2uRDhYAJyZ74oJhYbswFAl69ghU8FMQV65HZRghh5GqsTY/S3HxC8/mGZiqnkJPx9TUgxJ0k0baB6b7ePSFPgddRkRPUmznPzxlZB5PQz+ekX9eRW79K/8zdgFwM/M9QZrTLafMnaQU5hBd6hDvZQBsWuAhWYsVi06plUrjKpBZ/5/sBRJ8TTHzfNoDahaWDFY/BgThkHW5a2nhsDbxNrsYFynf60WgoBU3/swcx0RFaJOaEiJmtSdG5oS1+33ndFJLgPnUZ+CB6XoLiJg2y6vxuuw8NOnHTn185omB/83mm8s3FdEpTusZRbY1lWiuhHrgLkUFDvVmE0WrRCtrwNaqTrmuUw6ug2kPwextz491MGG0ekBZe0jYvWtkGFAWl7r8wJRQ4Zh5F0GGxUPKJRr97u/R0HRx4Wi5EjP4i67ur9QDFgRLH9WIVgR3CnqqnQQKibviUT6LpLJMtkTgsAVFTz2jBwCoKSHe59axodbJeym0lao+5xe/EzE88WGezW+uq+4ZrQ9dzv83K2RVayggyOgLdC1Y6WLT7iX/Vpl8i449extQQNjDhMVfS8S3qzzb/Y1WajauhJjMR7kEjers/a5sDre41RvOv4TlTYo0WTrXKf+w8qr802bB02efwCt1QUo4WXL+a5JGsAJUYAqwGh+hcflasGuqEdJvPrQBko7ycddDNDFbwY/VMsx/MLM2oG3ltKPclAVjNT3BtaAMgKd37c4sc1Ur8vhsuy2Z5aNct/6JyLLrDRY0851d3bl5RIA0B5Ag4pwnmV0C6bvHE+WM2dZXtjol1w+DpB+P9aDZyAwI9AKHF2isSlRO+GEzfZSk19g6AJOD4035oeNY2ffoANij+YlTPU4reSfDi/Tv/ebJB4FFpGPBh0n6V2aEpm58vbOub9RLPunsVNY2u05doAUzgCHxLuEbSqwBLM89nuuX89LOcTn2w==
Content-Type: multipart/alternative; boundary="_000_BYAPR11MB3078E4B19A4D2134E56180F7DB672BYAPR11MB3078namp_"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB3078.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c476466e-9973-441d-4602-08dc0d2963d3
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jan 2024 13:30:59.9165 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yWydzKtm9ePbkrb8i16dRscZj1dAEYYn+QKuCcGrq4g7rdD7hAUL37rLQZPXuuwre5wH01PvyTx8xwVQjQ3IiA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR11MB7313
X-Outbound-SMTP-Client: 72.163.7.165, rcdn-opgw-4.cisco.com
X-Outbound-Node: rcdn-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/Q1yisRx1GpxpZQ9_pVe0RuJQVpo>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5861)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jan 2024 13:31:09 -0000

That's fair. The text should probably state something along the lines of

"If the server has an existing authorization for the identifier, depending on server policy, the server may return a 200 (OK) response with the existing authorization URL in the Location header field and the existing JSON authorization object in the body."

It currently reads as not allowing reuse of existing authorization objects, and always creating a new pending object and returning 201.



From: Jacob Hoffman-Andrews <jsha@eff.org>
Sent: Wednesday, January 3, 2024 8:29 PM
To: Deb Cooley <debcooley1@gmail.com>; rlb@ipv.sx; jdkasten@umich.edu; cpu@letsencrypt.org; Owen Friel (ofriel) <ofriel@cisco.com>
Cc: rdd@cert.org; ynir.ietf@gmail.com; acme@ietf.org; rfc-editor@rfc-editor.org
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

This overspecifies things. When someone requests to create a new authorization object (or requests to create a new order object that would necessitate creation of new authorization objects), it is up to server policy whether to reuse an existing authorization or not. For instance a server might have a policy of never reusing authorization objects (that is, doing validation from scratch every time), or it might have a policy of reusing only pending authorization objects, or only ones created in the last N hours or days.

So I think we should not accept this errata as it stands.

v2.23.0 | Report a Bug | By Email