RFC Errata
RFC 8555, "Automatic Certificate Management Environment (ACME)", March 2019
Source of RFC: acme (sec)
Errata ID: 6364
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Evangelos Karatsiolis
Date Reported: 2020-12-23
Section 7.1.4 says:
wildcard (optional, boolean): This field MUST be present and true for authorizations created as a result of a newOrder request containing a DNS identifier with a value that was a wildcard domain name. For other authorizations, it MUST be absent. Wildcard domain names are described in Section 7.1.3.
It should say:
wildcard (optional, boolean): This field MUST be present and true for authorizations created as a result of a newOrder request containing a DNS identifier with a value that was a wildcard domain name. For other authorizations, it MUST be absent or false. For pre-authorizations, it MUST be absent or false. Wildcard domain names are described in Section 7.1.3.
Notes:
This section states that the wildcard field must be absent for other authorizations, but the example in this section has an explicitly set wildcard field with value false. The proposed change allows both options, either omitting it or explicitly setting it to false. Also a sentence has been added to explicitly describe the behavior for pre-authorizations.