Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

RFC 5281, "Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0)", August 2008

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 5281 w/ inline errata

---

Errata ID: 1494
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2008-08-22
Verifier Name: Sean Turner
Date Verified: 2011-03-09

Section 8, pg.19 says:

      Keying Material = PRF-128(SecurityParameters.master_secret, "ttls
                keying material", SecurityParameters.client_random +
                SecurityParameters.server_random)

It should say:

      Keying Material = PRF-128(SecurityParameters.master_secret,
                "ttls keying material", SecurityParameters.client_random
                + SecurityParameters.server_random)

Notes:

The string in double quotes is a cryptographically significant
protocol element and hence white space within it should be
represented faithfully and unambiguously in the published text.
The line break and additional indentation inserted into the string
during final editing of the RFC disturb the clarity of the text.

This same issue already has been discussed at length in the context
of other documents making use of the same or similar key material
derivation techniques.

Report New Errata