RFC 7030, "Enrollment over Secure Transport", October 2013

Note: This RFC has been updated by RFC 8951, RFC 8996

Errata ID: 5108
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Sean Turner
Date Reported: 2017-09-07
Held for Document Update by: Roman Danyliw
Date Held: 2020-08-19

Section 4.2.3, 4.4.2 says:

OLD from s.4.2.3:

  If the content-type is not set, the response data MUST be a plaintext
  human-readable error message containing explanatory information
  describing why the request was rejected (for example, indicating that
  CSR attributes are incomplete).

OLD from s4.4.2:

  If the content-type is not set, the response data MUST be a plaintext
  human-readable error message.

It should say:

NEW for s4.2.3:

  If the content-type is not set, the response data must be a plaintext
  human-readable error message containing explanatory information
  describing why the request was rejected (for example, indicating that
  CSR attributes are incomplete).  Servers MAY use the "text/plain”
  content-type [RFC2046] for human-readable errors.

NEW for s4.4.2:

  If the content-type is not set, the response data must be a plaintext
  human-readable error message. Servers MAY use the "text/plain”
  content-type [RFC2046] for human-readable errors.

Notes:

The current text is somewhat unclear as to what content-type needs to be used for the human-readable error. There are many human-readable content-types, but "text/plain" seems to be the most sensible.

Note that the MUST was reduced to a must because no content-type is specified.

Report New Errata