Hi Qin, Thanks for the review, responses inline.
> 1. Section 2; s/ as defined in Part Special Hostnames/ as defined in Special Hostnames part Unfortunately, the xml2rfc format does not allow changing how this reference is formatted, so it will stay like that. > Which section of ACME document two methods, can you provide method name or referenced section in ACME? Can you provide references for ACME in this paragraph. This refers to the "http-01" and "tls-alpn-01" discussed in the immediately preceding paragraphs. I will add their names to this paragraph to make that clearer. > How does the server know nonce was generated 30+ days ago? This is explicitly not defined. It is up to individual ACME server operators to decide how to comply. > Is NL standing for Newline or something else? There is no explanation in the text. 5. See the immediately preceding paragraph for a reference to the Tor document meta-format. > Would you like to clarify whether “onionCAARquired” error is also linked to inBandOnionCAA required? If they are not the same thing, can you provide an example for “onionCAARequired” Error Example? If they are the same thing, I feel the word “Additional” introducing ambiguity. I will adjust the wording to make it clearer the two refer to the same thing. > I am not sure “standard” is right term used in this draft? Should we replace “in this standard” with “in this specification” I will replace "in this standard" with "in this document". Q ------------------------------ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <https://find-and-update.company-information.service.gov.uk/company/12417574>, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. Ar Llun, 30 Rhag 2024 am 14:05 Qin Wu via Datatracker <nore...@ietf.org> ysgrifennodd: > Reviewer: Qin Wu > Review result: Has Nits > > I have reviewed this document as part of the Operational directorate's > ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written with the intent of improving the operational aspects > of > the IETF drafts. Comments that are not addressed in last call may be > included > in AD reviews during the IESG review. Document editors and WG chairs > should > treat these comments just like any other last call comments. > > This draft extensions to the Automated Certificate Management Environment > (ACME) to allow for the automatic issuance of certificates to Tor hidden > services > > This document is on the right track and ready for publication. I have the > following comments on v-05: Major issues: None > > Minor issues > 1. Section 2 > s/ as defined in Part Special Hostnames/ as defined in Special Hostnames > part > 2. Section 3.2 said > “ The two methods already defined in ACME and allowed by the CA/BF do > not allow issuance of wildcard certificates. > ” > Which section of ACME document two methods, can you provide method name or > referenced section in ACME? Can you provide references for ACME in this > paragraph. Also I believe “the” in “The two methods” are not needed. 3. > Section > 3.2 said: “ A response generated using this nonce MUST NOT be accepted > by the > ACME server if the nonce used was generated by the server more > than 30 days ago. > ” > How does the server know nonce was generated 30+ days ago? > 4. Section 6 said: > “ "caa" SP flags SP tag SP value NL > [Any number of times] > ” > Is NL standing for Newline or something else? There is no explanation in > the > text. 5. Section 6.4.1 said: “the ACME client does not > provide an "onionCAA" object in its finalize request the ACME server > MUST respond with an "onionCAARequired" error to indicate this > ” > Further, section 6.4.1 said: > “ Additionally, a new field is defined in the directory "meta" object > to signal this. > > inBandOnionCAARequired (optional, boolean) If true, the ACME server > requires the client to provide the CAA record set in the finalize > request. If false or absent the ACME server does not require the > client to provide the CAA record set is this manner. > ” > Would you like to clarify whether “onionCAARquired” error is also linked to > inBandOnionCAA required? If they are not the same thing, can you provide an > example for “onionCAARequired” Error Example? If they are the same thing, I > feel the word “Additional” introducing ambiguity. 6. I am not sure > “standard” > is right term used in this draft? Should we replace “in this standard” > with “in > this specification” > > > >
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
