errata logo graphic

Found 3 records.

Status: Verified (1)

RFC5272, "Certificate Management over CMS (CMC)", June 2008

Source of RFC: pkix (sec)

Errata ID: 2063

Status: Verified
Type: Technical

Reported By: Jim Schaad
Date Reported: 2010-03-04
Verifier Name: Tim Polk
Date Verified: 2010-04-28

Section Appendix A says:

 EnrollmentMessageSyntax
 { iso(1) identified-organization(3) dod(4) internet(1)
 security(5) mechansims(5) pkix(7) id-mod(0) id-mod-cmc2002(23) }

It should say:

 EnrollmentMessageSyntax
 { iso(1) identified-organization(3) dod(6) internet(1)
 security(5) mechansims(5) pkix(7) id-mod(0) id-mod-cmc2002(23) }

Notes:

ASN.1 Object Identifiers are assigned based on the number not the name, this means that the current module is assigned in a name space that is not under our control.


Status: Reported (1)

RFC5272, "Certificate Management over CMS (CMC)", June 2008

Source of RFC: pkix (sec)

Errata ID: 4186

Status: Reported
Type: Technical

Reported By: Pierce Leonberger
Date Reported: 2014-11-18

Section 3.2.1.3.2 says:

The Data content type allows for general transport of unstructured
   data.

   The Data content type is used by this document for:

      Holding the encrypted random value y for POP proof in the
      encrypted POP control (see Section 6.7).

It should say:

See Notes

Notes:

It's invalid for the encoding of an ANY or OpenType to have "unstructured" data. See X.690 section 8.15:

8.15 Encoding of an open type
The value of an open type is also a value of some (other) ASN.1 type. The encoding of such a value shall be the complete encoding herein specified for the value considered as being of that other type.

Note there's similar wording in X.209 section 21 for ANY:

21 Encoding of a value of the ANY type
The encoding of an ANY type shall be the complete encoding specified in this Recommendation for the type of the value of the ANY type.


Status: Held for Document Update (1)

RFC5272, "Certificate Management over CMS (CMC)", June 2008

Source of RFC: pkix (sec)

Errata ID: 2731

Status: Held for Document Update
Type: Editorial

Reported By: Sean Turner
Date Reported: 2011-02-23
Held for Document Update by: Tim Polk

Section 2.2 says:

Full PKI Response
------------------------
+----------------+
| CMS ContentInfo|
| CMS SignedData |
|   or Auth Data |
|     object     |
+----------------+--------+
|                         |
| PKIResponseBody         |

It should say:

Full PKI Response
------------------------
+----------------+
| CMS ContentInfo|
| CMS SignedData |
|   or Auth Data |
|     object     |
+----------------+--------+
|                         |
| PKIResponse             |

Notes:

PKIResponse should be PKIResponse. It's the name of the content type. PKIResponseBody only appears once in this RFC and it's in Figure 2.


Report New Errata