RFC Errata
RFC 4211, "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", September 2005
Note: This RFC has been updated by RFC 9045
Source of RFC: pkix (sec)
Errata ID: 2345
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2005-11-08
Held for Document Update by: Tim Polk
Date Held: 2010-07-29
Section 6.3 says:
At the bottom of page 20, says: The fields of SinglePubInfo have the following meaning: pubMethod indicates the address type for the location at which the requestor desires the certificate to be placed by the CA/RA. dontCare indicates that the CA/RA can publish the certificate in whatever locations it chooses. If dontCare is used, the pubInfos field MUST be omitted. ^^^^^ (To make the full context visible, I have shown more text than would be necessary for the errata note.) >From the context, I strongly suspect that the RFC text should say: The fields of SinglePubInfo have the following meaning: pubMethod indicates the address type for the location at which the requestor desires the certificate to be placed by the CA/RA. dontCare indicates that the CA/RA can publish the certificate in whatever locations it chooses. If dontCare is used, the pubLocation field MUST be omitted. ^^^^^^^^
It should say:
[see above]
Notes:
Rationale: pubInfos is a "SEQUENCE SIZE (1..MAX) OF SinglePubInfo".
I cannot imagine how a certain value of a SinglePubInfo instance
subfield can ever imply a MUST to omit the full enclosing structure,
pubInfos -- which would have removed this subfield as well :-) .
Perhaps, the text has been cloned from the explanation of the
'dontPublish' value of the PKIPublicationInfo.action filed given
just below the text excerpt reproduced under item (7) above
without fully applying the proper changes.