Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-02-12 Thread Aaron Gable
Looks good to me. Aaron On Fri, Feb 9, 2024 at 3:39 AM Deb Cooley wrote: > The ADs can edit the language of an errata. If we can agree on the > language, they can modify the errata and then mark it as Verified. Below > is what I have for this: > > -- >

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-02-09 Thread Deb Cooley
The ADs can edit the language of an errata. If we can agree on the language, they can modify the errata and then mark it as Verified. Below is what I have for this: -- Errata old: Section 7.4.1, It should say: If a server receives a newAuthz request

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-04 Thread Jacob Hoffman-Andrews
> That’s fair. The text should probably state something along the lines of > > “If the server has an existing authorization for the identifier, depending on > server policy, the server may return a 200 (OK) response with the existing > authorization URL in the Location header field and the

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-04 Thread Owen Friel (ofriel)
ch.edu; c...@letsencrypt.org; Owen Friel (ofriel) Cc: r...@cert.org; ynir.i...@gmail.com; acme@ietf.org; rfc-edi...@rfc-editor.org Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (5861) This overspecifies things. When someone requests to create a new authorization object (or requests

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-04 Thread Deb Cooley
Thanks. I'll mark this as 'Rejected'. If Owen wants to resubmit it taking this into account, he can. Deb On Wed, Jan 3, 2024 at 3:28 PM Jacob Hoffman-Andrews wrote: > This overspecifies things. When someone requests to create a new > authorization object (or requests to create a new order

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-03 Thread Jacob Hoffman-Andrews
This overspecifies things. When someone requests to create a new authorization object (or requests to create a new order object that would necessitate creation of new authorization objects), it is up to server policy whether to reuse an existing authorization or not. For instance a server might

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-03 Thread Aaron Gable
Agreed on all counts. It is a sensible addition, and is likely the approach that would be taken by ACME servers that implement pre-authorization. To address Seo's good point, I would suggest inserting the text *just before* the last paragraph of Section 7.4.1, and phrasing it as: "If the

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-03 Thread Seo Suchan
Think it should limit to authz with valid or pending state, and for same account. Finalized auths are still exsit on server; and other accounts may have auth for it On 2024년 1월 3일 오후 8시 36분 37초 GMT+09:00, Deb Cooley 작성함: >Happy New Year! > >I'm going through acme's errata. This one was

Re: [Acme] [Technical Errata Reported] RFC8555 (5861)

2024-01-03 Thread Deb Cooley
Happy New Year! I'm going through acme's errata. This one was reported, but crickets on any responses from the authors (or others). It looks like a sensible addition to me, but I'd like confirmation. Thanks Deb On Mon, Sep 23, 2019 at 8:50 AM RFC Errata System wrote: > The following errata

[Acme] [Technical Errata Reported] RFC8555 (5861)

2019-09-23 Thread RFC Errata System
The following errata report has been submitted for RFC8555, "Automatic Certificate Management Environment (ACME)". -- You may review the report below and at: https://www.rfc-editor.org/errata/eid5861 -- Type: Technical