Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

Found 3 records.

Status: Verified (2)

RFC 5755, "An Internet Attribute Certificate Profile for Authorization", January 2010

Source of RFC: pkix (sec)

Errata ID: 3731
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Leonardo Cotta de Almeida
Date Reported: 2013-09-18
Verifier Name: Barry Leiba
Date Verified: 2014-01-14

Section 7.1 says:

   Within EnvelopedData, the encapsulatedContentInfo identifies the
   content type carried within the ciphertext.  In this case, the
   contentType field of encapsulatedContentInfo MUST contain id-ct-
   attrCertEncAttrs, which has the following value:

It should say:

   Within EnvelopedData, the encryptedContentInfo identifies the
   content type carried within the ciphertext.  In this case, the
   contentType field of encryptedContentInfo MUST contain id-ct-
   attrCertEncAttrs, which has the following value:

Notes:

The EnvelopedData structure has no "EncapsulatedContentInfo". It has a "EncryptedContentInfo":

EnvelopedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }

CMS objects that carry a "EncapsulatedContentInfo" are of type "SignedData":

SignedData ::= SEQUENCE {
version CMSVersion,
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
signerInfos SignerInfos }

Source: RFC 5652 (unchanged at least since RFC 3852).

Errata ID: 4541
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Vlad Semenov
Date Reported: 2015-11-20
Verifier Name: Stephen Farrell
Date Verified: 2015-11-20

Section 4.3.4 says:

      name           id-ce-authorityInfoAccess
      OID            { id-pe 1 }

It should say:

      name           id-pe-authorityInfoAccess
      OID            { id-pe 1 }

Notes:

id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } is defined in http://tools.ietf.org/html/rfc5280#section-4.2.2.1

Status: Reported (1)

RFC 5755, "An Internet Attribute Certificate Profile for Authorization", January 2010

Source of RFC: pkix (sec)

Errata ID: 6567
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2021-05-01

Section Appendix B says:

   GeneralName, GeneralNames, id-ce, AuthorityKeyIdentifier,
   AuthorityInfoAccessSyntax, CRLDistributionPoint
     FROM PKIX1Implicit88

It should say:

   GeneralName, GeneralNames, id-ce, AuthorityKeyIdentifier,
   AuthorityInfoAccessSyntax
     FROM PKIX1Implicit88

Notes:

CRLDistributionPoint is part of the IMPORTS statement, but it is not used in the definitions that follow.

Report New Errata