RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 5280, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", May 2008

Source of RFC: pkix (sec)

Errata ID: 1774
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Takashi Ito
Date Reported: 2009-05-04
Rejected by: Pasi Eronen
Date Rejected: 2009-05-27

Section 6.3 says:

   For each distribution point (DP) in the certificate CRL distribution
   points extension, for each corresponding CRL in the local CRL cache,
   while ((reasons_mask is not all-reasons) and (cert_status is
   UNREVOKED)) perform the following:

      (a)  Update the local CRL cache by obtaining a complete CRL, a
      delta CRL, or both, as required:

It should say:

   For each distribution point (DP) in the certificate CRL distribution
   points extension, for each corresponding CRL in the local CRL cache,
   while ((reasons_mask is not all-reasons) and (cert_status is
   UNREVOKED)) perform the following:

   (l)  Set the reasons_mask state variable to the union of
        its previous value and the value of the interim_reasons_mask
        state variable.

      (a)  Update the local CRL cache by obtaining a complete CRL, a
      delta CRL, or both, as required:

Notes:

This was reported in 2002 for RFC 3280, which this document obsoletes. The correction did not make it in to RFC 5280, and therefore applies to RFC 5280 as well.
--VERIFIER NOTES--
The correction already appears as step (l), the last step in the loop.

Report New Errata