Re: [Acme] [Editorial Errata Reported] RFC8823 (7508)

Alexey Melnikov <alexey.melnikov@isode.com> Fri, 05 May 2023 14:12 UTC

Hi,

On 05/05/2023 01:01, RFC Errata System wrote:
> The following errata report has been submitted for RFC8823,
> "Extensions to Automatic Certificate Management Environment for End-User S/MIME Certificates".
>
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid7508
>
> --------------------------------------
> Type: Editorial
> Reported by: Richard Wang <richard@zotrus.com>
>
> Section: 3.1 and 3.2
>
> Original Text
> -------------
> Figure 1:
>    Message-ID:<A2299BB.FF7788@example.org>
>    From:acme-generator@example.org
>    To:alexey@example.com
>
> Figure 2:
>     Message-ID:<111-22222-3333333@example.com>
>     In-Reply-To:<A2299BB.FF7788@example.org>
>     From:alexey@example.com
>     To:acme-generator@example.org
>
> Corrected Text
> --------------
> Figure 1:
>    Message-ID:<A2299BB.FF7788@example.com>
>    From:acme-generator@example.com
>    To:alexey@example.org
>
> Figure 2:
>     Message-ID:<111-22222-3333333@example.org>
>     In-Reply-To:<A2299BB.FF7788@example.com>
>     From:alexey@example.org
>     To:acme-generator@example.com

I generally agree that there is a problem that email messages in 
Sections 3.1 and 3.2 don't match the following challenge in Section 3:

     {
       "type": "email-reply-00",
       "url":"https://example.com/acme/chall/ABprV_B7yEyA4f",
       "from":"acme-challenge+2i211oi1204310@example.com",
       "token": "DGyRejmCefe7v4NfDGDKfA"
     }

However, I propose an alternative fix that might be smaller. I suggest
changing the above challenge in Section 3:

OLD:

     {
       "type": "email-reply-00",
       "url": "https://example.com/acme/chall/ABprV_B7yEyA4f",
       "from": "acme-challenge+2i211oi1204310@example.com",
       "token": "DGyRejmCefe7v4NfDGDKfA"
     }

NEW:

     {
       "type": "email-reply-00",
       "url": "https://example.org/acme/chall/ABprV_B7yEyA4f",
       "from": "acme-challenge+2i211oi1204310@example.org",
       "token": "DGyRejmCefe7v4NfDGDKfA"
     }

After this change example.org would be the ACME server domain and
example.com would be the user domain.


Best Regards,

Alexey

>
> Notes
> -----
> According to RFC8555, the domain example.com is used for the ACME server, and example.org is used for the Client.
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party
> can log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC8823 (draft-ietf-acme-email-smime-14)
> --------------------------------------
> Title               : Extensions to Automatic Certificate Management Environment for End-User S/MIME Certificates
> Publication Date    : April 2021
> Author(s)           : A. Melnikov
> Category            : INFORMATIONAL
> Source              : Automated Certificate Management Environment
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG