ADs: This seems like a nice clarification, but not really an error. Suggest HFDU.
On Tue, Feb 11, 2020 at 4:49 PM RFC Errata System <rfc-edi...@rfc-editor.org> wrote: > The following errata report has been submitted for RFC8555, > "Automatic Certificate Management Environment (ACME)". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid5979 > > -------------------------------------- > Type: Technical > Reported by: jonathan vanasco <jonat...@findmeon.com> > > Section: 7.4 > > Original Text > ------------- > If the server is willing to issue the requested certificate, it > responds with a 201 (Created) response. The body of this response is > an order object reflecting the client's request and any > authorizations the client must complete before the certificate will > be issued. > > > > Corrected Text > -------------- > If the server is willing to issue the requested certificate, it > responds with a 201 (Created) response. The body of this response is > an order object reflecting the client's request and any > authorizations the client must complete before the certificate will > be issued. The server returns an order URL in a Location header field. > > > Notes > ----- > The RFC does not specify/require where the "order URL" is presented. The > RFC is very explicit about where other URLs are obtained, and the common > understanding is that the URL appears in a Location header after a > new-order. > > For example: > > In 7.3; 7.3.1; 7.3.5, the RFC explicitly declares the account URL is in > the Location header field. > > In 7.4.1 the RFC is explicit that authorization URLs in pre-authorization > appear in the Location header field. > > But the order URL is only mentioned by example: > > In 7.4, the RFC illustrates the order URL appearing in the Location header > field (All clients seem to implement this). In 7.1, the RFC shows a table > with "a typical sequence of requests" that note the "account" and "order" > URLs appear in the location header field. > > The specification should state something to the effect of "The server > returns an order URL in a Location header field." making this functionality > explicit. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC8555 (draft-ietf-acme-acme-18) > -------------------------------------- > Title : Automatic Certificate Management Environment (ACME) > Publication Date : March 2019 > Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten > Category : PROPOSED STANDARD > Source : Automated Certificate Management Environment > Area : Security > Stream : IETF > Verifying Party : IESG >
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme