Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

Found 3 records.

Status: Verified (2)

RFC 5656, "Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer", December 2009

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 1960
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2009-12-17
Verifier Name: Sean Turner
Date Verified: 2010-07-30

Section 6.2,2nd para says:

|  For example, the method name for ECDH key exchange with ephemeral
|  keys generated on the nistp256 curve is "ecdsa-sha2-nistp256".

It should say:

                                    vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
|  For example, the method name for the SSH ECC public key algorithm
|  using the nistp256 curve is "ecdsa-sha2-nistp256".
   ^^^^^

Notes:

Rationale: The RFC text inadvertently mixes content appropriate for
Section 6.2 with content in Section 6.3; the current text would cause
a contradiction with 6.3, as can be seen from the 2nd para in 6.3.

Errata ID: 4207
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alex Gaynor
Date Reported: 2014-12-23
Verifier Name: Kathleen Moriarty
Date Verified: 2015-03-24

Section 12.1 says:

   [SEC1]         Standards for Efficient Cryptography Group, "Elliptic
                  Curve Cryptography", SEC 1, May 2009,
                  <http://www.secg.org/download/aid-780/sec1-v2.pdf>.

   [SEC2]         Standards for Efficient Cryptography Group,
                  "Recommended Elliptic Curve Domain Parameters", SEC 2,
                  September 2000,
                  <http://www.secg.org/download/aid-386/sec2_final.pdf>.

It should say:

  [SEC1]         Standards for Efficient Cryptography Group, "Elliptic
                 Curve Cryptography", SEC 1, May 2009,
                 <http://www.secg.org/sec1-v2.pdf>.

  [SEC2]         Standards for Efficient Cryptography Group,
                 "Recommended Elliptic Curve Domain Parameters", SEC 2,
                 September 2000,
                 <http://www.secg.org/SEC2-Ver-1.0.pdf>.

Notes:

The link presented in these references are now 404s.

Corrected text was provided by Douglas Stebila.

Verified the issue with old links and verified the new links have the referenced documents.

Status: Held for Document Update (1)

RFC 5656, "Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer", December 2009

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2710
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Mattias Wadenstein
Date Reported: 2011-02-10
Held for Document Update by: Tim Polk
Date Held: 2011-03-09

Section 9 says:

The SHA2 family 
consists of four variants -- SHA-224, SHA-256, SHA-384, and SHA-521 
-- named after their digest lengths.

It should say:

The SHA2 family 
consists of four variants -- SHA-224, SHA-256, SHA-384, and SHA-512 
-- named after their digest lengths.

Notes:

The SHA2 family has a SHA-512 variant, not SHA-521.

Report New Errata