Re: [Acme] [Technical Errata Reported] RFC8555 (5732)
Amir Omidi <amir@aaomidi.com> Thu, 22 February 2024 00:24 UTC
From: Amir Omidi <amir@aaomidi.com>
Date: Wed, 21 Feb 2024 19:23:53 -0500
Message-ID: <CAOG=JUKgxVCqcTx-3oAgGx=M=C2bU31zbN7hZpTpuL4Y9wuF+A@mail.gmail.com>
To: Rob Stradling <rob=40sectigo.com@dmarc.ietf.org>
Cc: "acme@ietf.org" <acme@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/bLVNok6CxtaFI98rYSQmjk1s47A>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5732)

Yes please. This is something I noticed while doing a reading of this draft a while back.

Amir Omidi (he/them)

On Wed, Feb 21, 2024 at 16:57 Rob Stradling <rob=40sectigo.com@dmarc.ietf.org> wrote:

> Given the recent interest in processing the backlog of RFC8555 errata
> reports, could I please ask again for
> https://www.rfc-editor.org/errata/eid5732 to be reviewed, approved, and
> marked as "Verified"?
>
> On 4th October 2019, Jacob wrote:
> *"As an author, I think this erratum should be approved."*
> (see
> https://mailarchive.ietf.org/arch/msg/acme/JjLqCSwehaT406A5FxVfTOWYqkw/)
> ------------------------------
> *From:* erica <erica@eff.org>
> *Sent:* 29 February 2020 00:44
> *To:* RFC Errata System <rfc-editor@rfc-editor.org>
> *Cc:* rlb@ipv.sx <rlb@ipv.sx>; jsha@eff.org <jsha@eff.org>;
> cpu@letsencrypt.org <cpu@letsencrypt.org>; jdkasten@umich.edu
> <jdkasten@umich.edu>; rdd@cert.org <rdd@cert.org>; kaduk@mit.edu
> <kaduk@mit.edu>; rsalz@akamai.com <rsalz@akamai.com>; ynir.ietf@gmail.com
> <ynir.ietf@gmail.com>; Rob Stradling <rob@sectigo.com>; acme@ietf.org
> <acme@ietf.org>
> *Subject:* Re: [Acme] [Technical Errata Reported] RFC8555 (5732)
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
> Circling back on this -- I'd still like to see this get verified; are
> there any additional evidence or actions on Certbot's part that could help
> with that?
>
> On 2019-08-23 14:02, erica wrote:
>
> Hi, Erica from Certbot here. I'd love to see this get verified -- it seems
> impossible to implement the "retrying challenges" section as the spec
> currently stands.
>
> On 2019-05-23 02:46, RFC Errata System wrote:
>
> The following errata report has been submitted for RFC8555,
> "Automatic Certificate Management Environment (ACME)".
>
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata/eid5732
>
> --------------------------------------
> Type: Technical
> Reported by: Rob Stradling <rob@sectigo.com>
>
> Section: 8
>
> Original Text
> -------------
> A challenge object with an error MUST have status
> equal to "invalid".
>
> Corrected Text
> --------------
> A challenge object with an error MUST have status
> equal to "processing" or "invalid".
>
> Notes
> -----
> Section 8.2 says that 'The server MUST add an entry to the "error"
> field in the challenge after each failed validation query'. However,
> if the challenge must then become "invalid", it is never possible to
> retry any validation query (because "invalid" is a final state for a
> challenge object).
> This erratum is necessary to permit validation query retries to ever
> happen.
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party
> can log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC8555 (draft-ietf-acme-acme-18)
> --------------------------------------
> Title : Automatic Certificate Management Environment (ACME)
> Publication Date : March 2019
> Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten
> Category : PROPOSED STANDARD
> Source : Automated Certificate Management Environment
> Area : Security
> Stream : IETF
> Verifying Party : IESG
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
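
The retry problem described in the erratum notes, as an added Python sketch that is not part of the thread, the RFC, or any ACME implementation: it drives the same sequence of validation results under the original Section 8 sentence and under the corrected one. `MAX_ATTEMPTS`, the function names, the list-shaped `error` field and the clearing of errors on success are assumptions of this model.

```python
# Added illustration: a toy model of an ACME challenge object, not project code.
from dataclasses import dataclass, field

FINAL_STATES = {"valid", "invalid"}  # final states: no transition out of them
MAX_ATTEMPTS = 3                     # assumed server retry budget (hypothetical)

@dataclass
class Challenge:
    status: str = "processing"       # client has already responded to the challenge
    error: list = field(default_factory=list)
    attempts: int = 0

def conforms(ch, erratum):
    """Check the Section 8 sentence about challenge objects that carry an error."""
    if not ch.error:
        return True
    allowed = {"processing", "invalid"} if erratum else {"invalid"}
    return ch.status in allowed

def run_validation(results, erratum):
    """Run validation queries; results is a constructed list of pass/fail booleans."""
    ch = Challenge()
    for ok in results:
        if ch.status in FINAL_STATES:
            break                    # a final challenge is never queried again
        ch.attempts += 1
        if ok:
            # Assumption of this model: errors from earlier attempts are cleared.
            ch.status, ch.error = "valid", []
        else:
            # Section 8.2: an error entry MUST be added after each failed query.
            ch.error.append(f"validation query {ch.attempts} failed")
            give_up = ch.attempts >= MAX_ATTEMPTS
            # Original text: any error forces "invalid", so no retry can follow.
            ch.status = "processing" if (erratum and not give_up) else "invalid"
        assert conforms(ch, erratum)
    return ch

def client_should_poll(ch):
    """Client view: an error on a non-final challenge is not a terminal result."""
    return ch.status not in FINAL_STATES

if __name__ == "__main__":
    for erratum in (False, True):
        ch = run_validation([False, True], erratum)
        print("erratum" if erratum else "original", ch.status, ch.attempts)
```
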