RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (2)

RFC3110, "RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)", May 2001

Source of RFC: dnsext (int)

Errata ID: 2811

Status: Verified
Type: Technical

Reported By: George Barwood
Date Reported: 2011-05-21
Verifier Name: Brian Haberman
Date Verified: 2012-05-01

Section 3 says:

Leading zero bytes are permitted in the RSA/SHA1 algorithm signature.

It should say:

Leading zero bytes MUST be added to the RSA/SHA1 algorithm signature 
so that the signature size in bytes is equal to the size of n in bytes.

Notes:

The Original Text implies that zero-padding of RSA signaturs is optional, however the underlying standard requires zero padding, http://tools.ietf.org/html/rfc2437#section-8.1.1

"4. Convert the signature representative s to a signature S of length k octets: S = I2OSP (s, k)"

where k is the length of the modulus in bytes. If the extra bytes are not added, standard RSA libraries will fail to verify the signature about 1% of the time when the padding occurs.

Errata ID: 4502

Status: Verified
Type: Editorial

Reported By: Mikko Rantanen
Date Reported: 2015-10-14
Verifier Name: Brian Haberman
Date Verified: 2015-10-14

Section 4 says:

conservative choice would be 65537 (F4, the fourth fermat number).

It should say:

conservative choice would be 65537 (F4, the fifth Fermat number).

Notes:

Numbering of Fermat numbers starts from zero. F4 and 65537 agree, but F4 is fifth Fermat number in the series, not fourth.

Report New Errata



Search RFCs
Advanced Search
×