RFC 5191, "Protocol for Carrying Authentication for Network Access (PANA)", May 2008Source of RFC: pana (int)
Errata ID: 3439
Reported By: Yoshihiro Ohba
Date Reported: 2012-12-27
Verifier Name: Brian Haberman
Date Verified: 2013-01-07
Section 8.3 says:
All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) [RFC4595].
It should say:
All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) [RFC4595] with a key length of 20 octets.
RFC 4595 refers to FC-SP (INCITS Technical Committee T11, ANSI INCITS xxx-200x, "Fibre Channel - Security Protocols (FC-SP)") which refers to RFC 2104 for HMAC. However, since RFC 2104 allows variable key length, a fixed key length needs to be specified in RFC 5191 to avoid a potential interoperability problem.