RFC Errata
RFC 5216, "The EAP-TLS Authentication Protocol", March 2008
Note: This RFC has been updated by RFC 8996, RFC 9190
Source of RFC: emu (sec)
Errata ID: 1388
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2008-03-26
Held for Document Update by: Pasi Eronen
Section 2.1.1, pg. 5 says:
The certificate message contains a public key certificate chain for either a key exchange public key (such as an RSA or Diffie-Hellman key exchange public key) or a signature public key (such as an RSA or Digital Signature Standard (DSS) signature public key). In the latter case, a TLS server_key_exchange handshake message MUST also be included to allow the key exchange to take place.
It should say:
The certificate message contains a public key certificate chain for either a key exchange public key (such as an RSA or Diffie-Hellman key exchange public key) or a signature public key (such as an RSA or Digital Signature Algorithm (DSA) signature public key). In the latter case, a TLS server_key_exchange handshake message MUST also be included to allow the key exchange to take place.
Notes:
Location is the 6th paragraph of Section 2.1.1.
(Please note that the first paragraph of that section is
inadvertently split into two parts by a spurious blank line
that has been ignored for the purpose of paragraph numbering.)
Rationale:
There's no such thing as a DSS signature public key.
Keys have to match the mathematical algorithms, and only
indirectly the standards documents.
The Digital Signature Standard (DSS) supports three different
kinds of signature algorithms: (classical) DSA, ECDSA (the DSA
variant based on Elliptic Curve Cryptography), and RSA.
All three algorithms require different keys, based on the
mathematical properties and the related presentation forms.
Other parts of the document, in particular Section 5.1, already
use the proper terminology to distinguish between algorithm and
standards document.