Brian,

Fantastic, thank you for the responses! One further comment inline.

On Thu, Sep 30, 2021 at 3:28 PM Brian Sipos <[email protected]>
wrote:

> BS1: This is to handle a basic property that BP bundles are necessarily
> independent units, unidirectional, and (currently) have no "conversation"
> or "flow" associations at the BP layer. Any associations between bundles
> must be made at the application layer above, so in fact the tuple (token-chal,
> token-bundle) is the *only* way for an ACME Server to correlate the two
> bundles.
> This is the same way that RFC8823 correlates the two emails.
> Because email and bundles both have similar logical patterns of transport,
> this Node ID validation is intended to have the same structure and security
> properties as the email validation.
>

RFC8823 sends the two tokens via separate mechanisms: token-part1
(corresponding to token-bundle) is sent only in the email, and token-part2
(corresponding to token-chal) is provided only via the Challenge object
over HTTPS to the ACME client. This draft differs, in that both token-chal
*and* token-bundle are provided in the Challenge Bundle. I believe that an
ACME Server, rather than its BP Agent, should be responsible for verifying
that the Response Bundle is correct, so there is no need for the Server's
BP Agent to ever be aware of token-chal at all, just as in RFC8823 there
is no reason for the Server's email agent to ever be aware of the
token-part2 that is part of the Challenge object.

Thanks,
Aaron
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
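The correlation model discussed in this exchange, sketched as an added illustration (this is not code from the draft, from RFC 8823, or from either participant): the ACME Server keeps its pending challenges keyed by the (token-chal, token-bundle) tuple, the server-side BP Agent only hands received bundles upward, and the Server alone checks the Response Bundle against the account key. The bundle payload layout (a JSON dict), the field names `key-auth-digest`, the key-authorization construction (both tokens concatenated, then `.` and the account key thumbprint, loosely following the RFC 8823 pattern), and the use of a SHA-256 hex digest are all assumptions made for the example, not the draft's actual encoding.

```python
import hashlib
import hmac
import secrets
from base64 import urlsafe_b64encode


def b64url(data: bytes) -> str:
    """Unpadded base64url, the token encoding ACME uses (RFC 8555)."""
    return urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def key_authorization(token_chal: str, token_bundle: str, thumbprint: str) -> str:
    # ASSUMED construction for this example, modeled on RFC 8823's
    # "token-part1 || token-part2" joined to the account key thumbprint.
    return f"{token_chal}{token_bundle}.{thumbprint}"


def key_auth_digest(token_chal: str, token_bundle: str, thumbprint: str) -> str:
    return hashlib.sha256(
        key_authorization(token_chal, token_bundle, thumbprint).encode()
    ).hexdigest()


class AcmeServer:
    """Pending challenges keyed by (token-chal, token-bundle): at the BP layer
    that tuple is the only handle available to correlate the two bundles."""

    def __init__(self) -> None:
        self._pending: dict[tuple[str, str], str] = {}

    def new_challenge(self, account_thumbprint: str) -> tuple[dict, dict]:
        token_chal = b64url(secrets.token_bytes(16))
        token_bundle = b64url(secrets.token_bytes(16))
        self._pending[(token_chal, token_bundle)] = account_thumbprint
        # Challenge object returned to the client over HTTPS (field names assumed).
        challenge_obj = {"token-chal": token_chal, "token-bundle": token_bundle}
        # Payload of the Challenge Bundle sent over BP; as the thread notes, it
        # carries both tokens. JSON is a constructed stand-in for the real encoding.
        challenge_bundle = {"token-chal": token_chal, "token-bundle": token_bundle}
        return challenge_obj, challenge_bundle

    def verify_response_bundle(self, response_bundle: dict) -> bool:
        """The Server, not the BP Agent, does the check: look up the tuple,
        recompute the expected digest from the stored thumbprint, compare."""
        key = (response_bundle.get("token-chal"), response_bundle.get("token-bundle"))
        thumbprint = self._pending.get(key)
        if thumbprint is None:
            return False  # unknown tuple: nothing to correlate the response with
        expected = key_auth_digest(key[0], key[1], thumbprint)
        got = str(response_bundle.get("key-auth-digest", ""))
        ok = hmac.compare_digest(expected, got)
        if ok:
            del self._pending[key]  # one-shot: a replayed response no longer matches
        return ok


class BpAgent:
    """Server-side BP Agent: delivers received bundles to the ACME Server
    unchanged. It never needs to know what token-chal is."""

    def __init__(self, server: AcmeServer) -> None:
        self.server = server

    def receive(self, bundle: dict) -> bool:
        return self.server.verify_response_bundle(bundle)


def client_response(challenge_bundle: dict, account_thumbprint: str) -> dict:
    """ACME client builds its Response Bundle payload from the Challenge Bundle
    it received and its own account key thumbprint (assumed layout)."""
    tc, tb = challenge_bundle["token-chal"], challenge_bundle["token-bundle"]
    return {
        "token-chal": tc,
        "token-bundle": tb,
        "key-auth-digest": key_auth_digest(tc, tb, account_thumbprint),
    }


if __name__ == "__main__":
    server = AcmeServer()
    agent = BpAgent(server)
    _, bundle = server.new_challenge("thumbprint-of-account-A")  # constructed value
    print(agent.receive(client_response(bundle, "thumbprint-of-account-A")))  # True
    print(agent.receive(client_response(bundle, "thumbprint-of-account-A")))  # False
```

The agent's `receive` is deliberately a pass-through: all token handling lives in `AcmeServer`, which is the separation the message argues for. The constant-time compare and the one-shot deletion are the two checks a practitioner would add regardless of the final bundle encoding.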