The following errata report has been submitted for RFC8555,
"Automatic Certificate Management Environment (ACME)".
--
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5729
--
Type: Technical
Reported by: Rob Stradling
Section: 7.5.1
Original Text
-
The client indicates to the server that it is ready for the challenge
validation by sending an empty JSON body ("{}") carried in a POST
request to the challenge URL (not the authorization URL).
Corrected Text
--
The client indicates to the server that it is ready for the challenge
validation by sending a POST request to the challenge URL (not the
authorization URL), where the body of the POST request is a JWS object
whose JSON payload is a response object (see Section 8). For all
challenge types defined in this document, the response object is the
empty JSON object ("{}").
Notes
-
It's clear from other text in section 7.5.1 that the "empty JSON body" is
interpreted by the ACME server as a "response object". (The first function of
this erratum is to clarify this point).
Section 8 says that "The definition of a challenge type includes...Contents of
response objects", and section 7.5.1 notes that "the challenges in this
document do not define any response fields, but future specifications might
define them". (The second function of this erratum is to permit clients to
send response objects that contain response fields).
Instructions:
-
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.
--
RFC8555 (draft-ietf-acme-acme-18)
--
Title : Automatic Certificate Management Environment (ACME)
Publication Date: March 2019
Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten
Category: PROPOSED STANDARD
Source : Automated Certificate Management Environment
Area: Security
Stream : IETF
Verifying Party : IESG
___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme