RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 5106, "The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2 (EAP-IKEv2) Method", February 2008

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 5106 w/ inline errata

Errata ID: 1338
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Alfred Hoenes
Date Reported: 2008-03-03
Verifier Name: Sean Turner
Date Verified: 2010-07-30

Section 7, pg. 14/15 says:

                                                                  Only
   after receiving message 6, the server SHOULD respond with an
<< page break >>
   authentication failure notification, i.e., a message conforming to
|  message 6 in Figure 10.  The purpose of this behaviour is to prevent
   an adversary from probing the EAP-IKEv2 peer identifier space.

It should say:

                                                                   Only
   after receiving message 6, the server SHOULD respond with an
   authentication failure notification, i.e., a message conforming to
|  message 7 in Figure 10.  The purpose of this behaviour is to prevent
   an adversary from probing the EAP-IKEv2 peer identifier space.

Notes:

Rationale: See Figure 10 in Appendix A (on page 30).

Note: The RFC contains Figure 1..6, 10, and 11, but no Figure 7..9 !

Report New Errata



Advanced Search