RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 6962, "Certificate Transparency", June 2013

Note: This RFC has been obsoleted by RFC 9162

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 6962 w/ inline errata

Errata ID: 3686
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Eran Messeri
Date Reported: 2013-07-26
Verifier Name: Stephen Farrell
Date Verified: 2014-07-03

Section 4.2 says:

chain:  An array of base64-encoded Precertificates.  The first
         element is the end-entity certificate; the second chains to the
         first and so on to the last, which is either the root
         certificate or a certificate that chains to a known root
         certificate.

It should say:

chain:  An array of base64-encoded Precertificate and certificates. 
         The first element is the end-entity precertificate; the second
         chains to the first and so on to the last, which is either the
         root certificate or a certificate that chains to a known root
         certificate. Only the first element in the array may be
         a precertificate.

Notes:

The current description of Add PreCertChain implies the array may consist of multiple Precertificates. In practice it only makes sense for the first element to be a Precertificate, the following elements should be proper certificates.

Report New Errata



Advanced Search