Re: [Acme] [Technical Errata Reported] RFC8555 (6364)
Aaron Gable <aaron@letsencrypt.org> Thu, 04 January 2024 16:03 UTC
Return-Path: <aaron@letsencrypt.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95C12C14F60F for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 08:03:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l2vKjHmN74CV for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 08:03:08 -0800 (PST)
Received: from mail-oa1-x2f.google.com (mail-oa1-x2f.google.com [IPv6:2001:4860:4864:20::2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB3EBC14F61B for <acme@ietf.org>; Thu, 4 Jan 2024 08:03:08 -0800 (PST)
Received: by mail-oa1-x2f.google.com with SMTP id 586e51a60fabf-2041bb80cb3so347260fac.2 for <acme@ietf.org>; Thu, 04 Jan 2024 08:03:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; t=1704384188; x=1704988988; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=2o7GUgnqWXyJbezGpioZDbfJh6yPE/PQe153exu0xZE=; b=VeXoG9+sRUroo18U1rItKJygS2zBFBMJGMig5fbavSKm9/oz8kHVMRcmFbTlryomHk BkbRoixGDzUxOsXocDSbE1YXurunevgLbfP/eowGRRg0SU7xwqr1k0tUAGC0AqL+gwJU NlfPKs/HE8gLYOKB5VFyfvutRza8FmqHN/+AI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704384188; x=1704988988; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2o7GUgnqWXyJbezGpioZDbfJh6yPE/PQe153exu0xZE=; b=kg15Cdp8nb81nzpdvIuNliDAu1lGgxqF5WIfkOEK1FaCGdzvYt+87BTtchdA0CsGBb MIp+ApKb1cB+e8116u+iUq4cZrQVy8pqEK6mHwBrRusu4K1ShQVymV02eC4qZzOZ8G11 /Pej5iJLmxwZTCho/i4LnGO0rirvtonPLgxankCFul0GQ/AxYkq1s6TNsV2SkcpqA4KP 6v0cje0JLerZl41fgVVECieov8QymVrj8v9fuDG1Q+/LSWWRyjVVjkVmt2SPfmATO+qC HUCSxq54RoRTuUepbV4U4F3KMOT8u0gHz7GTRsRJymhN2tZvnnznGSJEzs/GMsgnLzfQ /7+A==
X-Gm-Message-State: AOJu0Yzulr93OgbGgRXYbxYfgNvjYJ4dWJ23Y5vB41Db0zj5DBbZXois ZeY/6nUyIFW7II5J01OtDzEKqEbKktXTKZQ72heEIAHtOsvDnA==
X-Google-Smtp-Source: AGHT+IFxmtsLtxEFK7O/TyaNY6N/5WQ3+Z2sJKP2rdPnK1sf3RYAkFhrCB4Y3JiMxlAYizrSfLCrN4UZk5jb+DqMQfo=
X-Received: by 2002:a05:6871:2287:b0:204:f0b:3bfd with SMTP id sd7-20020a056871228700b002040f0b3bfdmr769869oab.43.1704384187753; Thu, 04 Jan 2024 08:03:07 -0800 (PST)
MIME-Version: 1.0
References: <20201223123453.28D1BF40768@rfc-editor.org> <CAGgd1Of_L6q_8Gc8WpKULVe9mjtB3Luj52p6AU3rAoQc0pWFgg@mail.gmail.com>
In-Reply-To: <CAGgd1Of_L6q_8Gc8WpKULVe9mjtB3Luj52p6AU3rAoQc0pWFgg@mail.gmail.com>
From: Aaron Gable <aaron@letsencrypt.org>
Date: Thu, 04 Jan 2024 08:02:57 -0800
Message-ID: <CAEmnEre1xUXZwbDnvnn2L25qRB+fm0nH5eAaQeqPCUPvjdcgVw@mail.gmail.com>
To: Deb Cooley <debcooley1@gmail.com>
Cc: rlb@ipv.sx, jsha@eff.org, jdkasten@umich.edu, rdd@cert.org, ynir.ietf@gmail.com, acme@ietf.org, ekaratsiolis@mtg.de, RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: multipart/alternative; boundary="000000000000127ce7060e20de0f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/VMwcVjV0yficHbKNSPb6lRu9KFg>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (6364)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jan 2024 16:03:13 -0000
Adding "or false" to the existing sentence seems correct to me, as a technical erratum. Adding the sentence regarding pre-authorizations is purely editorial; there is already text elsewhere in the document which makes that clear. Aaron On Thu, Jan 4, 2024 at 3:32 AM Deb Cooley <debcooley1@gmail.com> wrote: > Today's Errata.... This looks editorial to me. Opinions? > > Deb > > On Wed, Dec 23, 2020 at 11:22 AM RFC Errata System < > rfc-editor@rfc-editor.org> wrote: > >> The following errata report has been submitted for RFC8555, >> "Automatic Certificate Management Environment (ACME)". >> >> -------------------------------------- >> You may review the report below and at: >> https://www.rfc-editor.org/errata/eid6364 >> >> -------------------------------------- >> Type: Technical >> Reported by: Evangelos Karatsiolis <ekaratsiolis@mtg.de> >> >> Section: 7.1.4 >> >> Original Text >> ------------- >> wildcard (optional, boolean): This field MUST be present and true >> for authorizations created as a result of a newOrder request >> containing a DNS identifier with a value that was a wildcard >> domain name. For other authorizations, it MUST be absent. >> Wildcard domain names are described in Section 7.1.3. >> >> Corrected Text >> -------------- >> wildcard (optional, boolean): This field MUST be present and true >> for authorizations created as a result of a newOrder request >> containing a DNS identifier with a value that was a wildcard >> domain name. For other authorizations, it MUST be absent or >> false. For pre-authorizations, it MUST be absent or false. >> Wildcard domain names are described in Section 7.1.3. >> >> Notes >> ----- >> This section states that the wildcard field must be absent for other >> authorizations, but the example in this section has an explicitly set >> wildcard field with value false. The proposed change allows both options, >> either omitting it or explicitly setting it to false. Also a sentence has >> been added to explicitly describe the behavior for pre-authorizations. >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". If necessary, please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party >> can log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC8555 (draft-ietf-acme-acme-18) >> -------------------------------------- >> Title : Automatic Certificate Management Environment (ACME) >> Publication Date : March 2019 >> Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. >> Kasten >> Category : PROPOSED STANDARD >> Source : Automated Certificate Management Environment >> Area : Security >> Stream : IETF >> Verifying Party : IESG >> >> _______________________________________________ >> Acme mailing list >> Acme@ietf.org >> https://www.ietf.org/mailman/listinfo/acme >> > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme >
- [Acme] [Technical Errata Reported] RFC8555 (6364) RFC Errata System
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Deb Cooley
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Aaron Gable
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Jacob Hoffman-Andrews