RFC Errata
RFC 8555, "Automatic Certificate Management Environment (ACME)", March 2019
Source of RFC: acme (sec)
Errata ID: 6276
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: James Manger
Date Reported: 2020-09-03
Held for Document Update by: Benjamin Kaduk
Date Held: 2020-09-04
Section 2 says:
o The CA verifies that the client controls the requested domain name(s) by having the ACME client perform some action(s) that can only be done with control of the domain name(s). For example, the CA might require a client requesting example.com to provision a DNS record under example.com or an HTTP resource under http://example.com.
It should say:
o The CA verifies that the client controls the requested domain name(s) by having the ACME client perform some action(s) that can only be done with control of the domain name(s). For example, the CA might require a client requesting example.org to provision a DNS record under example.org or an HTTP resource under http://example.org.
Notes:
The spec consistently uses example.com for an ACME CA server, and example.org for a site requesting a certificate -- except in this sentence.