From 2b0aa0aadfb117d7b2c86006a23ce4bde09ad0d4 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Mon, 29 Oct 2018 13:20:49 -0400 Subject: [PATCH] TLS-ALPN-01: Update idPeAcmeIdentifierV1, draft refs. (#690) The latest versions of draft-ietf-acme-tls-alpn specify a different idPeAcmeIdentifierV1 than LEGO was previously using. The old value had a conflict with an existing assignment. This commit updates the idPeAcmeIdentifierV1 value to match draft-05 and updates any references to the draft RFC to use the latest draft number. --- acme/tls_alpn_challenge.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/acme/tls_alpn_challenge.go b/acme/tls_alpn_challenge.go index d8035199..cc70c350 100644 --- a/acme/tls_alpn_challenge.go +++ b/acme/tls_alpn_challenge.go @@ -12,8 +12,8 @@ import ( ) // idPeAcmeIdentifierV1 is the SMI Security for PKIX Certification Extension OID referencing the ACME extension. -// Reference: https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-01#section-5.1 -var idPeAcmeIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1} +// Reference: https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05#section-5.1 +var idPeAcmeIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31} type tlsALPNChallenge struct { jws *jws @@ -58,7 +58,7 @@ func TLSALPNChallengeBlocks(domain, keyAuth string) ([]byte, []byte, error) { // Add the keyAuth digest as the acmeValidation-v1 extension // (marked as critical such that it won't be used by non-ACME software). - // Reference: https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-01#section-3 + // Reference: https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05#section-3 extensions := []pkix.Extension{ { Id: idPeAcmeIdentifierV1,