Re: [Acme] [Editorial Errata Reported] RFC8823 (7508)

[Alexey Melnikov]

Hi,

On 05/05/2023 01:01, RFC Errata System wrote:
The following errata report has been submitted for RFC8823,
"Extensions to Automatic Certificate Management Environment for End-User S/MIME 
Certificates".
--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7508

--------------------------------------
Type: Editorial
Reported by: Richard Wang<rich...@zotrus.com>

Section: 3.1 and 3.2

Original Text
-------------
Figure 1:
   Message-ID:<a2299bb.ff7...@example.org>
   From:acme-genera...@example.org
   To:ale...@example.com

Figure 2:
    Message-ID:<111-22222-3333...@example.com>
    In-Reply-To:<a2299bb.ff7...@example.org>
    From:ale...@example.com
    To:acme-genera...@example.org

Corrected Text
--------------
Figure 1:
   Message-ID:<a2299bb.ff7...@example.com>
   From:acme-genera...@example.com
   To:ale...@example.org

Figure 2:
    Message-ID:<111-22222-3333...@example.org>
    In-Reply-To:<a2299bb.ff7...@example.com>
    From:ale...@example.org
    To:acme-genera...@example.com

I generally agree that there is a problem that email messages in 
Sections 3.1 and 3.2 don't match the following challenge in Section 3:

    {
      "type": "email-reply-00",
      "url":"https://example.com/acme/chall/ABprV_B7yEyA4f";,
      "from":"acme-challenge+2i211oi1204...@example.com",
      "token": "DGyRejmCefe7v4NfDGDKfA"
    }

However I propose an alternative fix that might be smaller. I suggest to 
change the above challenge in Section 3:

OLD:

    {
      "type": "email-reply-00",
      "url": "https://example.*com*/acme/chall/ABprV_B7yEyA4f";,
      "from": "acme-challenge+2i211oi1204310@example.*com*",
      "token": "DGyRejmCefe7v4NfDGDKfA"
    }

NEW:

    {
      "type": "email-reply-00",
      "url": "https://example.*org*/acme/chall/ABprV_B7yEyA4f";,
      "from": "acme-challenge+2i211oi1204310@example.*org*",
      "token": "DGyRejmCefe7v4NfDGDKfA"
    }

After this change example.org would be the ACME server domain and 
example.com would be the user domain.*
*


Best Regards,

Alexey


Notes
-----
Accoording to RFC8555, the domain example.com used for ACME server, the 
example.org used for the Client.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC8823 (draft-ietf-acme-email-smime-14)
--------------------------------------
Title               : Extensions to Automatic Certificate Management 
Environment for End-User S/MIME Certificates
Publication Date    : April 2021
Author(s)           : A. Melnikov
Category            : INFORMATIONAL
Source              : Automated Certificate Management Environment
Area                : Security
Stream              : IETF
Verifying Party     : IESG

_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme