RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 6704, "Forcerenew Nonce Authentication", August 2012

Source of RFC: dhc (int)

Errata ID: 4995

Status: Verified
Type: Technical

Reported By: Niels Widger
Date Reported: 2017-04-14
Verifier Name: Suresh Krishnan
Date Verified: 2017-04-19

Section 4 says:

   IANA has assigned the following new DHCPv4 option code from the
   registry "BOOTP Vendor Extensions and DHCP Options" maintained at
   http://www.iana.org/assignments/bootp-dhcp-parameters:

   Tag: 145

   Name: FORCERENEW_NONCE_CAPABLE

   Data length: 1

   Description: Forcerenew Nonce Capable

   Reference: this document

It should say:

   IANA has assigned the following new DHCPv4 option code from the
   registry "BOOTP Vendor Extensions and DHCP Options" maintained at
   http://www.iana.org/assignments/bootp-dhcp-parameters:

   Tag: 145

   Name: FORCERENEW_NONCE_CAPABLE

   Data length: n

   Description: Forcerenew Nonce Capable

   Reference: this document

Notes:

RFC 6704 Section 3.1.1 states that the FORCERENEW_NONCE_CAPABLE option is variable length and contains a list of algorithm types:

The FORCERENEW_NONCE_CAPABLE option contains code 145, length n, and
a sequence of algorithms the client supports:

Code Len Algorithms
+-----+-----+----+----+----+
| 145 | n | A1 | A2 | A3 | ....
+-----+-----+----+----+----+

Figure 1: FORCERENEW_NONCE_CAPABLE Option


Verifier's note(Suresh Krishnan - INT AD): This erratum is correct and it requires a change in the IANA registry. I authorize IANA to make this change.

Status: Held for Document Update (1)

RFC 6704, "Forcerenew Nonce Authentication", August 2012

Source of RFC: dhc (int)

Errata ID: 3353

Status: Held for Document Update
Type: Editorial

Reported By: Gaurav Halwasia
Date Reported: 2012-09-14
Held for Document Update by: Brian Haberman

Section 5.1 says:

   The mechanism described in this document is vulnerable to a denial-
   of-service (DoS) attack through flooding a client with bogus
   FORCERENEW messages.  The calculations involved in authenticating the
   bogus FORECERENEW messages may overwhelm the device on which the
   client is running.

It should say:

   The mechanism described in this document is vulnerable to a denial-
   of-service (DoS) attack through flooding a client with bogus
   FORCERENEW messages.  The calculations involved in authenticating the
   bogus FORCERENEW messages may overwhelm the device on which the
   client is running.

Notes:

Spelling of "FORECERENEW" is incorrect. It should be "FORCERENEW"

Report New Errata



Search RFCs
Advanced Search
×