RFC 8555, "Automatic Certificate Management Environment (ACME)", March 2019
Source of RFC: acme (sec)
Errata ID: 5732
Reported By: Rob Stradling
Date Reported: 2019-05-23
Section 8 says:
A challenge object with an error MUST have status equal to "invalid".
It should say:
A challenge object with an error MUST have status equal to "processing" or "invalid".
Section 8.2 says that 'The server MUST add an entry to the "error" field in the challenge after each failed validation query'. However, if the challenge must then become "invalid", it is never possible to retry any validation query (because "invalid" is a final state for a challenge object).
This erratum is necessary to permit validation query retries to ever happen.
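How a client might apply the corrected rule when polling a challenge, as an added example that is not part of the erratum or of RFC 8555. The function name, the action labels and the sample challenge objects are constructed for illustration.

```python
import json

FINAL_STATES = {"valid", "invalid"}            # challenge states that never change again
ALL_STATES = {"pending", "processing"} | FINAL_STATES
ERROR_ALLOWED = {"processing", "invalid"}      # corrected Section 8 wording


def classify_challenge(raw):
    """Return (action, reason) for one challenge object given as JSON text.

    action is a label made up for this example:
    "wait" (poll again), "done", "failed", or "reject" (object breaks the rule).
    """
    ch = json.loads(raw)
    if not isinstance(ch, dict):
        return ("reject", "challenge is not a JSON object")
    status = ch.get("status")
    has_error = ch.get("error") is not None

    if status not in ALL_STATES:
        return ("reject", f"unknown status {status!r}")
    if has_error and status not in ERROR_ALLOWED:
        return ("reject", f"error present with status {status!r}")
    if status == "invalid":
        # Final state: polling again will not change the outcome.
        return ("failed", "validation failed permanently")
    if status == "valid":
        return ("done", "validation succeeded")
    if status == "processing" and has_error:
        # A validation query failed, but the challenge is not final yet.
        return ("wait", "validation query failed, retry still possible")
    return ("wait", "validation not finished")


# Constructed sample challenge objects (not taken from any real server).
SAMPLES = [
    '{"type": "http-01", "status": "processing",'
    ' "error": {"type": "urn:ietf:params:acme:error:connection"}}',
    '{"type": "http-01", "status": "invalid",'
    ' "error": {"type": "urn:ietf:params:acme:error:connection"}}',
    '{"type": "http-01", "status": "valid",'
    ' "error": {"type": "urn:ietf:params:acme:error:connection"}}',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_challenge(sample))
```

A client that enforced the original wording would reject the first sample, which is exactly the retry case the erratum is meant to permit.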