RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 1 record.

Status: Reported (1)

RFC 4998, "Evidence Record Syntax (ERS)", August 2007

Source of RFC: ltans (sec)

Errata ID: 7411
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Florian Fischer
Date Reported: 2023-03-31

Section 5.2. says:

   4.  Concatenate each h(i) with ha(i) and generate hash values
       h(i)' = H (h(i)+ ha(i)).  For multi-document groups, this is:
       h(i_a)' = H (h(i_a)+ ha(i))
       h(i_b)' = H (h(i_b)+ ha(i)), etc.

It should say:

   4.  Concatenate each h(i) with ha(i) in binary ascending order and generate hash values
       h(i)' = H (h(i)+ ha(i)).  For multi-document groups, this is:
       h(i_a)' = H (h(i_a)+ ha(i))
       h(i_b)' = H (h(i_b)+ ha(i)), etc.

Notes:

In RFC 4998 HashTree-Renewal is specified in an ambiguous manner.

Skipping sorting before concatenating is a deviation from all other steps in RFC 4998 where hashes are concatenated.

This conclusion is supported by RFC 4998 "Figure 4" that illustrates the steps above and the explanation that follows. The relevant part is this:

h2a' = H( binary sorted and concatenated (h2a, ha(2)))

...

h2c' = H( binary sorted and concatenated (h2c, ha(2)))

So the illustration and its explanation clearly states the sorting before concatenation.

Report New Errata



Advanced Search