RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

RFC 6347, "Datagram Transport Layer Security Version 1.2", January 2012

Note: This RFC has been obsoleted by RFC 9147

Note: This RFC has been updated by RFC 7507, RFC 7905, RFC 8996, RFC 9146

Source of RFC: tls (sec)

Errata ID: 5186
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Chen Wumao
Date Reported: 2017-11-28

Section 4.2.4 says: 

[p17]                                                 In order to avoid
   sequence number duplication in case of multiple HelloVerifyRequests,
   the server MUST use the record sequence number in the ClientHello as
   the record sequence number in the HelloVerifyRequest.

[p17]                  In order to avoid sequence number duplication in
   case of multiple cookie exchanges, the server MUST use the record
   sequence number in the ClientHello as the record sequence number in
   its initial ServerHello.

It should say:

[p17]                                                 In order to avoid
   sequence number duplication in case of multiple HelloVerifyRequests,
   the server MUST use the message_seq in the ClientHello as
   the message_seq in the HelloVerifyRequest.

[p17]                  In order to avoid sequence number duplication in
   case of multiple cookie exchanges, the server MUST use the 
   message_seq in the ClientHello as the message_seq in
   its initial ServerHello.

Notes:

the "record sequence number" here should be message_seq.

Report New Errata



Advanced Search