errata logo graphic

Found 3 records.

Status: Verified (3)

RFC4746, "Extensible Authentication Protocol (EAP) Password Authenticated Exchange", November 2006

Source of RFC: IETF - NON WORKING GROUP

Errata ID: 10

Status: Verified
Type: Technical

Reported By: Alfred Hoenes
Date Reported: 2006-11-26
Verifier Name: Russ Housley
Date Verified: 2010-03-15

Section 4.3.7 says:

   Consequently, EAP-PAX requires the use of a
   Diffie-Hellman group with modulus larger than 3000.  

It should say:

   Consequently, EAP-PAX requires the use of a
   Diffie-Hellman group with modulus larger than 3000 bits. 

Notes:

Provide units.


Errata ID: 11

Status: Verified
Type: Technical

Reported By: Alfred Hoenes
Date Reported: 2006-11-26
Verifier Name: Russ Housley
Date Verified: 2010-03-15

Section 3.2 says:

   These 52+L octets are then attached to the packet as the payload.

It should say:

   These 54+L octets are then attached to the packet as the payload.

Notes:

Correction based on preceding text (page 16) and Figure 8


Errata ID: 954

Status: Verified
Type: Editorial

Reported By: Alfred Hoenes
Date Reported: 2006-11-26
Verifier Name: Russ Housley
Date Verified: 2010-03-15

Section 3.2 says:

(1)  [typo]

On page 6 of RFC 4746, the 1st paragraph of Section 2.1 says:

   PAX_STD is a simple nonce-based authentication using the strong
   long-term key.  [...]

It should say:

|  PAX_STD is a simple nonce-based authentication using a strong
   long-term key.  [...]


(2)  [missing article]

Within Section 2.2, near the bottom of page 8, RFC 4746 says:

   When using EAP-PAX with Wireless LAN, clients SHOULD validate that
   the certificate's wlanSSID extension matches the SSID of the network
   to which it is currently authenticating.

It should say:

|  When using EAP-PAX with a Wireless LAN, clients SHOULD validate that
   the certificate's wlanSSID extension matches the SSID of the network
   to which it is currently authenticating.


(3)  [missing article]

On page 9, the 1st paragraph of Section 2.3 says:

   Messages PAX_STD-2, PAX_STD-3, PAX_SEC-4, PAX_SEC-5, and PAX_ACK
   contain optional component ADE.  [...]

It should say:

   Messages PAX_STD-2, PAX_STD-3, PAX_SEC-4, PAX_SEC-5, and PAX_ACK
|  contain an optional component ADE.  [...]


(4)  [extraneous word]

The 2nd paragraph of Section 4, at the bottom of page 19, says:

                                          [...].  Also note that the
   security of PAX can be proved using under the Random Oracle model.

It should say:
                                          [...].  Also note that the
|  security of PAX can be proved under the Random Oracle model.

Notes:

Corrects minor editorial errors.


Report New Errata