Found 2 records.

Status: Reported (2)

RFC 7516, "JSON Web Encryption (JWE)", May 2015

Errata ID: 7719
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Jeffrey Yasskin
Date Reported: 2023-12-01

Section 6 says:

The key identification methods for this specification are the same as
those defined in Section 6 of [JWS], except that the key being
identified is the public key to which the JWE was encrypted.

It should say:

??? <I don't know the proper correction.>

Notes:

Section 6 of [JWS] says "these parameters need not be integrity protected, since changing them in a way that causes a different key to be used will cause the validation to fail."

I don't know if this is true for signature schemes (that is, RFC 7515 might have the same erratum), but this is only true for encryption schemes if the algorithm is key-committing. See https://www.ietf.org/archive/id/draft-irtf-cfrg-aead-properties-02.html#name-key-commitment.

Errata ID: 6018
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Kinan Diraneyya
Date Reported: 2020-03-16

Throughout the document, when it says:

initialization vector

It should say:

initialization value

Notes:

RFCs 7516 through 7520 (inclusive) all used the deprecated (as dictated by RFC 4949) term "initialization vector" in place of the newer term "initialization value".

Report New Errata