RFC Errata
RFC 5878, "Transport Layer Security (TLS) Authorization Extensions", May 2010
Note: This RFC has been updated by RFC 8447, RFC 8996
Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
Errata ID: 3514
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Ben Laurie
Date Reported: 2013-03-08
Held for Document Update by: Kathleen Moriarty
Date Held: 2015-06-05
Section 3.3 says:
   17             # Handshake.msg_type == supplemental_data(23)
   00 00 11       # Handshake.length = 17
   00 00 0e       # length of SupplementalData.supp_data = 14
   40 02          # SupplementalDataEntry.supp_data_type = 16386
   00 0a          # SupplementalDataEntry.supp_data_length = 10
   00 08          # length of AuthorizationData.authz_data_list = 8
   01             # authz_format = saml_assertion(1)
   00 05          # length of SAMLAssertion
   aa aa aa aa aa # SAML assertion (fictitious: "aa aa aa aa aa")
It should say:
   17             # Handshake.msg_type == supplemental_data(23)
   00 00 0f       # Handshake.length = 15
   00 00 0d       # length of SupplementalData.supp_data = 13
   40 02          # SupplementalDataEntry.supp_data_type = 16386
   00 0a          # SupplementalDataEntry.supp_data_length = 8
   01             # authz_format = saml_assertion(1)
   00 05          # length of SAMLAssertion
   aa aa aa aa aa # SAML assertion (fictitious: "aa aa aa aa aa")
Notes:
Per Russ Housley: We do not have an implementation that can be used to check the hex values, but they appear to be correct.
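
Added example (not part of the erratum or of RFC 5878): a Python check of the length fields in the two byte dumps quoted above, comparing each encoded length with its annotation and with the number of bytes that follow it. It assumes that every length field covers all remaining bytes of the message, which holds for a single-entry message like this one; the function names are hypothetical.

```python
import re

# Annotated dumps copied from the erratum text above.
ORIGINAL = """\
17             # Handshake.msg_type == supplemental_data(23)
00 00 11       # Handshake.length = 17
00 00 0e       # length of SupplementalData.supp_data = 14
40 02          # SupplementalDataEntry.supp_data_type = 16386
00 0a          # SupplementalDataEntry.supp_data_length = 10
00 08          # length of AuthorizationData.authz_data_list = 8
01             # authz_format = saml_assertion(1)
00 05          # length of SAMLAssertion
aa aa aa aa aa # SAML assertion (fictitious: "aa aa aa aa aa")
"""
PROPOSED = """\
17             # Handshake.msg_type == supplemental_data(23)
00 00 0f       # Handshake.length = 15
00 00 0d       # length of SupplementalData.supp_data = 13
40 02          # SupplementalDataEntry.supp_data_type = 16386
00 0a          # SupplementalDataEntry.supp_data_length = 8
01             # authz_format = saml_assertion(1)
00 05          # length of SAMLAssertion
aa aa aa aa aa # SAML assertion (fictitious: "aa aa aa aa aa")
"""

def check_lengths(dump):
    """Return (field, encoded, annotated, remaining) for every length field."""
    rows = []
    for line in dump.strip().splitlines():
        hex_part, _, comment = line.partition("#")
        rows.append((bytes.fromhex(hex_part), comment.strip()))
    total = sum(len(raw) for raw, _ in rows)
    results, offset = [], 0
    for raw, comment in rows:
        offset += len(raw)              # offset now points just past this field
        if "length" not in comment:     # only length fields are checked
            continue
        m = re.search(r"=\s*(\d+)$", comment)
        annotated = int(m.group(1)) if m else None   # decimal in the comment, if any
        encoded = int.from_bytes(raw, "big")         # TLS lengths are big-endian
        results.append((comment.split(" = ")[0], encoded, annotated, total - offset))
    return results

def mismatches(dump):
    """Fields whose encoded value differs from the bytes that follow or from the annotation."""
    return [r for r in check_lengths(dump) if r[1] != r[3] or r[2] not in (None, r[1])]
```

On these inputs, `mismatches(ORIGINAL)` is empty, while `mismatches(PROPOSED)` returns two fields: `00 00 0d` encodes 13 with 12 bytes following, and `00 0a` encodes 10 while its annotation and the bytes following both give 8.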