RFC Errata
RFC 6030, "Portable Symmetric Key Container (PSKC)", October 2010
Source of RFC: keyprov (sec)
Errata ID: 3369
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Simon Josefsson
Date Reported: 2012-10-03
Rejected by: Sean Turner
Date Rejected: 2013-03-16
Section 4.3.1 says:
<Manufacturer>: This element indicates the manufacturer of the device. Values for the <Manufacturer> element MUST be taken from either [OATHMAN] prefixes (i.e., the left column) or from the IANA Private Enterprise Number Registry [IANAPENREG], using the Organization value. When the value is taken from [OATHMAN], "oath." MUST be prepended to the value (e.g., "oath.<prefix value from [OATHMAN]>"). When the value is taken from [IANAPENREG], "iana." MUST be prepended to the value (e.g., "iana.<Organization value from [IANAPENREG]>").
It should say:
<Manufacturer>: This element indicates the manufacturer of the device. Values for the <Manufacturer> element MAY be taken from either [OATHMAN] prefixes (i.e., the left column) or from the IANA Private Enterprise Number Registry [IANAPENREG], using the Organization value. When the value is taken from [OATHMAN], "oath." MUST be prepended to the value (e.g., "oath.<prefix value from [OATHMAN]>"). When the value is taken from [IANAPENREG], "iana." MUST be prepended to the value (e.g., "iana.<Organization value from [IANAPENREG]>").
Notes:
The only thing changed is relaxing MUST to MAY.
The requirement that manufacturer strings begin with "oath." and "iana." is often ignored by implementations/deployments. Further, none of the examples throughout the document conform to the syntax. While we could regard these as implementation/deployment and editorial document bugs, I would argue that we could just as well relax the technical requirement because there appears to be no harm in allowing free-form text. This is what people appear to be using out there already.
Examples of non-conforming <Manufacturer> fields out there:
http://tools.ietf.org/html/draft-hoyer-keyprov-pskc-algorithm-profiles-01
http://download.gooze.eu/otp/seeds/20120919-test001-4282.xml
--VERIFIER NOTES--
Changing the requirement from MUST to MAY is not appropriate to do in an errata. Please produce a draft and we can see whether your change is acceptable to the rest of the IETF.