Re: [Acme] [Technical Errata Reported] RFC8555 (5729)

[Richard Barnes]

+1

On Thu, May 23, 2019 at 7:43 PM Jacob Hoffman-Andrews  wrote:

> I believe this should be verified.
>
___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme

Re: [Acme] [Technical Errata Reported] RFC8555 (5729)

[Jacob Hoffman-Andrews]

I believe this should be verified.

___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme

[Acme] [Technical Errata Reported] RFC8555 (5729)

[RFC Errata System]

The following errata report has been submitted for RFC8555,
"Automatic Certificate Management Environment (ACME)".

--
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5729

--
Type: Technical
Reported by: Rob Stradling 

Section: 7.5.1

Original Text
-
The client indicates to the server that it is ready for the challenge
validation by sending an empty JSON body ("{}") carried in a POST
request to the challenge URL (not the authorization URL).

Corrected Text
--
The client indicates to the server that it is ready for the challenge
validation by sending a POST request to the challenge URL (not the
authorization URL), where the body of the POST request is a JWS object
whose JSON payload is a response object (see Section 8).  For all
challenge types defined in this document, the response object is the
empty JSON object ("{}").

Notes
-
It's clear from other text in section 7.5.1 that the "empty JSON body" is 
interpreted by the ACME server as a "response object".  (The first function of 
this erratum is to clarify this point).

Section 8 says that "The definition of a challenge type includes...Contents of 
response objects", and section 7.5.1 notes that "the challenges in this 
document do not define any response fields, but future specifications might 
define them".  (The second function of this erratum is to permit clients to 
send response objects that contain response fields).

Instructions:
-
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

--
RFC8555 (draft-ietf-acme-acme-18)
--
Title   : Automatic Certificate Management Environment (ACME)
Publication Date: March 2019
Author(s)   : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten
Category: PROPOSED STANDARD
Source  : Automated Certificate Management Environment
Area: Security
Stream  : IETF
Verifying Party : IESG

___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme