errata logo graphic

Found 3 records.

Status: Verified (3)

RFC5191, "Protocol for Carrying Authentication for Network Access (PANA)", May 2008

Source of RFC: pana (int)

Errata ID: 2997

Status: Verified
Type: Technical

Reported By: Yoshihiro Ohba
Date Reported: 2011-10-13
Verifier Name: Ralph Droms
Date Verified: 2013-03-10

Section 8.4 says:

The Key-Id AVP (AVP Code 4) is of type Integer32 and contains an MSK
identifier.  

It should say:

The Key-Id AVP (AVP Code 4) is of type Unsigned32 and contains an MSK
identifier.

Notes:

The Correct Text will be consistent with the following text in Section 5.3, "The Key-Id AVP is of type Unsigned32..."


Errata ID: 3397

Status: Verified
Type: Technical

Reported By: Yoshihiro Ohba
Date Reported: 2012-10-30
Verifier Name: Ralph Droms
Date Verified: 2013-03-10

Section 4.3 says:

When the PAA initiates re-authentication, it sends a 
PANA-Auth-Request message containing the session identifier for the 
PaC.  The PAA MUST initiate EAP re-authentication before the current 
session lifetime expires.

It should say:

When the PAA initiates re-authentication, it sends a 
PANA-Auth-Request message containing the session identifier for the 
PaC.  In this case, the PAA MUST initiate EAP re-authentication 
before the current session lifetime expires.

Notes:

The 2nd sentence in the original text seems to indicate that re-authentication initiation from PAA is mandated, which is not correct as Section 3 says "the PAA may, and the PaC should, initiate re-authentication if they want to update the PANA session lifetime before the PANA session lifetime expires.


Errata ID: 3439

Status: Verified
Type: Technical

Reported By: Yoshihiro Ohba
Date Reported: 2012-12-27
Verifier Name: Brian Haberman
Date Verified: 2013-01-07

Section 8.3 says:

All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) [RFC4595].

It should say:

All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) [RFC4595] with a key length of 20 octets.

Notes:

RFC 4595 refers to FC-SP (INCITS Technical Committee T11, ANSI INCITS xxx-200x, "Fibre Channel - Security Protocols (FC-SP)") which refers to RFC 2104 for HMAC. However, since RFC 2104 allows variable key length, a fixed key length needs to be specified in RFC 5191 to avoid a potential interoperability problem.


Report New Errata