errata logo graphic

Found 5 records.

Status: Verified (3)

RFC6545, "Real-time Inter-network Defense (RID)", April 2012

Source of RFC: mile (sec)

Errata ID: 3939

Status: Verified
Type: Technical

Reported By: Jim Schaad
Date Reported: 2014-03-29
Verifier Name: Stephen Farrell
Date Verified: 2014-05-08

Section 7.1.1 says:

      <iodef-rid:XMLDocument dtype="xml" meaning="xml">
       <IODEF-Document lang="en">
        <iodef:Incident purpose="traceback" restriction="need-to-know">
          <iodef:IncidentID name="CERT-FOR-OUR-DOMAIN">
                           CERT-FOR-OUR-DOMAIN#207-1
          </iodef:IncidentID>

It should say:

      <iodef-rid:XMLDocument dtype="xml" meaning="xml">
       <iodef:IODEF-Document lang="en">
        <iodef:Incident purpose="traceback" restriction="need-to-know">
          <iodef:IncidentID name="CERT-FOR-OUR-DOMAIN">
                           CERT-FOR-OUR-DOMAIN#207-1
          </iodef:IncidentID>

Notes:

The IODEF-Document node (both opening and closing) are missing the namespace prefix. Without this, the contents of the node will not be correctly validated.

(Change is in line 2 above. The closing tag change is the same, but is not part of the delta change above.)


Errata ID: 3940

Status: Verified
Type: Technical

Reported By: Jim Schaad
Date Reported: 2014-03-29
Verifier Name: Stephen Farrell
Date Verified: 2014-05-08

Section 5.4 says:

<RID-Document version="2.0" lang="en-US"
      xmlns:iodef-rid="urn:ietf:params:xml:ns:iodef-rid-2.0"
      xmlns:xsi="http://www.w3c.org/2001/XMLSchema-instance"
      xsi:schemaLocation="urn:ietf:params:xml:ns:iodef-rid-2.0.xsd">

It should say:

<iodef-rid:RID version="2.0" lang="en-US"
      xmlns:iodef-rid="urn:ietf:params:xml:ns:iodef-rid-2.0"
      xmlns:xsi="http://www.w3c.org/2001/XMLSchema-instance"
      xsi:schemaLocation="urn:ietf:params:xml:ns:iodef-rid-2.0.xsd
http://www.iana.org/assignments/xml-registry/schema/iodef-rid-2.0.xsd">

Notes:

Two errors in the text are fixed:

1. The root node is incorrect. It does not have a namespace declared for the root node and there is no node named RID-Document in the schema that is declared. The correct root node is RID and it should have the rid v2 name space

2. The schemaLocation is a pair of text strings in this location. The first is the namespace and the second is a location to get the schema for that namespace. An alternative is to omit the attribute as any application that is loading this document should already have the schema and should never need to go out and fetch it.


Errata ID: 3410

Status: Verified
Type: Editorial

Reported By: Kathleen Moriarty
Date Reported: 2012-11-15
Verifier Name: Sean Turner
Date Verified: 2013-03-16

Section 5.2 says:

    AuthorizationStatus

         One.  REQUIRED.  ENUM.  The listed values are used to provide a
         response to the requesting CSIRT of the status of a Request,
         Report, or Query.

         1.  Approved.  The trace was approved and will begin in the
             current SP.

         2.  Denied.  The trace was denied in the current SP.  The next
             closest SP can use this message to filter traffic from the
             upstream SP using the example packet to help mitigate the
             effects of the attack as close to the source as possible.
             The Acknowledgement message must be passed back to the
             originator and a Result message must be used from the
             closest SP to the source in order to indicate actions taken
             in the IODEF History class.

It should say:

    AuthorizationStatus

         One.  REQUIRED.  ENUM.  The listed values are used to provide a
         response to the requesting CSIRT of the status of a Request,
         Report, or Query.

         1.  Approved.  The request was approved and will be processed
             and acted upon by the receiving SP or the report was
             approved for processing.

         2.  Denied.  The message was denied for processing by the 
             recipient for the reasons provided in the Justification.
             If the RID message was a Trace, the next closest SP can
             use this message to filter traffic from the upstream SP
             using the example packet to help mitigate the effects of
             the attack as close to the source as possible.  The
             Acknowledgement message must be passed back to the
             originator and a Result message must be used from the
             closest SP to the source in order to indicate actions taken
             in the IODEF History class.

Notes:

The definition for Approved and Denied was confusing to an implementer. Although the AuthorizationStatus was broadly defined and the message flows in 7 show the Acknowledgement applies to all messages, the Approved and Denied were being read as specific to Trace Requests.


Status: Held for Document Update (2)

RFC6545, "Real-time Inter-network Defense (RID)", April 2012

Source of RFC: mile (sec)

Errata ID: 3302

Status: Held for Document Update
Type: Editorial

Reported By: S Terry Brugger
Date Reported: 2012-07-31
Held for Document Update by: Sean Turner
Date Held: 2012-07-31

Section 7.2.1 says:

   SP-1 is represented by CERT-FOR-OUR-DOMAIN and 192.0.2.67.  SP-2 is
   identified by 192, 0.2.98.  In this example, SP-2 is the service
   provider for systems on the 192.0.2.32/27 subnet.  The contact for
   the host 192.0.2.35 is known at the start of the request as
   'Constituency-contact@10.1.1.2'.

It should say:

   SP-1 is represented by CERT-FOR-OUR-DOMAIN and 192.0.2.67.  SP-2 is
   identified by 192.0.2.98.  In this example, SP-2 is the service
   provider for systems on the 192.0.2.32/27 subnet.  The contact for
   the host 192.0.2.35 is known at the start of the request as
   'Constituency-contact@10.1.1.2'.

Notes:

This could also be considered an Editorial erratum; however, since it is a technically invalid address, I selected Technical.

AD: I marked it as editorial because the correct value is used in the example.


Errata ID: 3303

Status: Held for Document Update
Type: Editorial

Reported By: S Terry Brugger
Date Reported: 2012-07-31
Held for Document Update by: Sean Turner

Section 9.5 says:

   o  Protection of data from being viewed by intermediate parties in
      the path of an Request request  should be considered.

It should say:

   o  Protection of data from being viewed by intermediate parties in
      the path of a Request request should be considered.


Report New Errata