[Acme] [Technical Errata Reported] RFC8555 (5732)

RFC Errata System <rfc-editor@rfc-editor.org> Thu, 23 May 2019 09:46 UTC

To: rlb@ipv.sx, jsha@eff.org, cpu@letsencrypt.org, jdkasten@umich.edu, rdd@cert.org, kaduk@mit.edu, rsalz@akamai.com, ynir.ietf@gmail.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: rob@sectigo.com, acme@ietf.org, rfc-editor@rfc-editor.org
Message-Id: <20190523094613.12695B81EDB@rfc-editor.org>
Date: Thu, 23 May 2019 02:46:13 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/pBxlKlbA0tBoUb41o6mgejVL8pM>

The following errata report has been submitted for RFC8555,
"Automatic Certificate Management Environment (ACME)".

You may review the report below and at:

Type: Technical
Reported by: Rob Stradling <rob@sectigo.com>

Section: 8

Original Text
A challenge object with an error MUST have status
equal to "invalid".

Corrected Text
A challenge object with an error MUST have status
equal to "processing" or "invalid".

Section 8.2 says that 'The server MUST add an entry to the "error" field in the challenge after each failed validation query'.  However, if the challenge must then become "invalid", it is never possible to retry any validation query (because "invalid" is a final state for a challenge object).
This erratum is necessary to permit validation query retries to ever happen.

This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

RFC8555 (draft-ietf-acme-acme-18)
Title               : Automatic Certificate Management Environment (ACME)
Publication Date    : March 2019
Author(s)           : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten
Category            : PROPOSED STANDARD
Source              : Automated Certificate Management Environment
Area                : Security
Stream              : IETF
Verifying Party     : IESG
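
The status rule at issue, as an added example that is not part of the original message or of RFC 8555: a client-side check that classifies a challenge object under Section 8 as published and under the corrected text proposed above. The function names, the result labels and the sample challenge objects are constructed for illustration.

```python
# Added illustration: client-side interpretation of an ACME challenge object
# under RFC 8555 Section 8 as published versus as amended by this erratum.
FINAL_STATES = {"valid", "invalid"}
KNOWN_STATES = {"pending", "processing"} | FINAL_STATES


def allowed_statuses_with_error(apply_erratum: bool) -> set:
    """Statuses a challenge carrying an "error" field may have."""
    return {"processing", "invalid"} if apply_erratum else {"invalid"}


def classify_challenge(challenge: dict, apply_erratum: bool = True) -> str:
    """Return 'keep-polling', 'retrying', 'done' or 'failed'.

    Raises ValueError when the status/error combination is not permitted
    by the chosen reading of Section 8.
    """
    status = challenge.get("status")
    if status not in KNOWN_STATES:
        raise ValueError(f"unknown challenge status: {status!r}")
    if "error" in challenge:
        if status not in allowed_statuses_with_error(apply_erratum):
            raise ValueError(f'"error" present but status is {status!r}')
        # "invalid" is final; "processing" with an error means the server
        # recorded a failed validation query and may still retry.
        return "failed" if status == "invalid" else "retrying"
    if status == "invalid":
        return "failed"
    return "done" if status == "valid" else "keep-polling"


# Constructed sample: server logged one failed query and is retrying.
RETRYING = {
    "type": "http-01",
    "url": "https://ca.example/acme/chall/1",  # placeholder URL
    "status": "processing",
    "error": {"type": "urn:ietf:params:acme:error:connection",
              "detail": "constructed example detail"},
}
# Constructed sample: retries exhausted, challenge reached its final state.
FAILED = dict(RETRYING, status="invalid")

if __name__ == "__main__":
    for name, chall in (("retrying", RETRYING), ("failed", FAILED)):
        print(name, "->", classify_challenge(chall))
```

With `apply_erratum=False` the `RETRYING` object is rejected as non-conformant, which is the situation the report describes: a server that records an error after a failed validation query could never leave the challenge in a retryable state.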