RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4757, "The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows", December 2006

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 1372
Status: Verified
Type: Technical

Reported By: Kevin Coffman
Date Reported: 2008-03-14
Verifier Name: Sean Turner
Date Verified: 2011-06-01

Section 7.3 says:

 // Generate checksum of message -
 //  SGN_CKSUM + Token.Confounder
 //   Key derivation salt = 15

 Sgn_Cksum = MD5((int32)15, Token.Header,
                Token.Confounder);


It should say:

 // Generate checksum of message -
 //  SGN_CKSUM + Token.Confounder
 //   Key derivation salt = 13

 Sgn_Cksum = MD5((int32)13, Token.Header,
                Token.Confounder);


Notes:

The final RFC appears to have cut-and-paste typo regarding the salt value used when generating the checksum for a WRAP token. The value used for a MIC token is 15, the value used for a WRAP token is 13.

Love Hörnquist Åstrand <lha@kth.se> pointed out that an earlier draft shows the values actually in use:

http://tools.ietf.org/html/draft-brezak-win2k-krb-rc4-hmac-02

Report New Errata