Re: [Acme] Responding to challenges - spec bug?

Rob Stradling <rob@sectigo.com> Thu, 23 May 2019 09:55 UTC

From: Rob Stradling <rob@sectigo.com>
To: "cpu@letsencrypt.org" <cpu@letsencrypt.org>
CC: "acme@ietf.org" <acme@ietf.org>, Jörn Heissler <acme-specs@joern.heissler.de>
Date: Thu, 23 May 2019 09:55:45 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/sg1wLku4LhXIY4wnMBtb6DejdhY>

Thanks Daniel.

On 22/05/2019 16:58, Daniel McCarney wrote:
> Thanks Rob, I also agree this is a valid erratum finding with the spec.
> 
> On Wed, May 22, 2019 at 7:34 AM Rob Stradling <rob@sectigo.com> wrote:
> 
>     On 20/05/2019 20:29, Jörn Heissler wrote:
>      > On Mon, May 20, 2019 at 15:56:21 +0000, Rob Stradling wrote:
>      >> How would folks feel about an erratum to change that sentence in section
>      >> 7.5.1 to the following:
>      >>     'The client indicates to the server that it is ready for the challenge
>      >>      validation by sending a POST request to the challenge URL (not the
>      >>      authorization URL), where the body of the POST request is a JWS
>      >>      object whose JSON payload is a response object (see Section 8).  For
>      >>      all challenge types defined in this document, the response object is
>      >>      the empty JSON object ({}).'
>      >> ?
>      >
>      > Hello,
>      >
>      > I agree with your finding and your suggested erratum.
> 
>     Thanks Jörn.
> 
>     I've filed an erratum for this:
>     https://www.rfc-editor.org/errata/eid5729

-- 
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
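
An added illustration of the request the proposed erratum text describes, not part of the original message or of any ACME implementation: a server-side check that tells a challenge response (JWS payload `{}`) apart from a POST-as-GET (empty payload) and rejects a JWS whose protected `url` is not the challenge URL it was posted to. All URLs, the nonce and the signature are constructed placeholders, and signature verification is assumed to happen elsewhere.

```python
import base64
import json

# Constructed example values (assumptions, not from the thread).
ACCOUNT_URL = "https://ca.example/acme/acct/1"
AUTHZ_URL = "https://ca.example/acme/authz/abc"
CHALLENGE_URL = "https://ca.example/acme/chall/abc/0"


def b64url(data: bytes) -> str:
    """Base64url without padding, as JWS requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def build_body(url: str, payload: bytes) -> dict:
    """Flattened JWS body as an ACME client would POST it (signature is fake)."""
    protected = {"alg": "ES256", "kid": ACCOUNT_URL,
                 "nonce": "constructed-nonce", "url": url}
    return {
        "protected": b64url(json.dumps(protected).encode()),
        # POST-as-GET carries an empty payload string, not base64url("{}").
        "payload": b64url(payload) if payload else "",
        "signature": b64url(b"placeholder-not-a-real-signature"),
    }


def classify_challenge_post(request_url: str, body: dict) -> str:
    """Decide what a POST received at a challenge URL is asking for."""
    protected = json.loads(b64url_decode(body["protected"]))
    # The signed "url" must be the URL the request was sent to, so a JWS
    # prepared for the authorization URL is not accepted here.
    if protected.get("url") != request_url:
        return "reject: url mismatch"
    if body["payload"] == "":
        return "post-as-get"  # fetch the challenge, do not start validation
    try:
        payload = json.loads(b64url_decode(body["payload"]))
    except ValueError:
        return "reject: payload is not JSON"
    # The response object is {} for the RFC's challenge types; unknown
    # fields in an object are ignored rather than rejected.
    if isinstance(payload, dict):
        return "respond"
    return "reject: payload is not a JSON object"
```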