RFC Errata
RFC 5008, "Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)", September 2007
Note: This RFC has been obsoleted by RFC 6318
Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 5008 w/ inline errata
Errata ID: 1902
Status: Verified
Type: Technical
Publication Format(s): TEXT
Reported By: Sean Turner
Date Reported: 2009-10-05
Verifier Name: Russ Housley
Date Verified: 2010-04-08
Section 4.3 says:
keyInfo contains the object identifier of the key-encryption algorithm that will be used to wrap the content-encryption key and NULL parameters. In Suite B, Security Level 1, AES-128 Key Wrap MUST be used, resulting in {id-aes128-wrap, NULL}. In Suite B, Security Level 2, AES-256 Key Wrap MUST be used, resulting in {id-aes256-wrap, NULL}.
It should say:
keyInfo contains the object identifier of the key-encryption algorithm that will be used to wrap the content-encryption key and absent parameters. In Suite B, Security Level 1, AES-128 Key Wrap MUST be used, resulting in {id-aes128-wrap}. In Suite B, Security Level 2, AES-256 Key Wrap MUST be used, resulting in {id-aes256-wrap}.
Notes:
Parameters for AES-* Key Wrap MUST be absent according to RFC 3565.
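On the wire, the correction is a two-byte difference in the DER encoding of the keyInfo AlgorithmIdentifier: the original text yields a trailing NULL (05 00) after the OID, while the corrected text yields the OID alone. The following check is an added example, not part of the RFC or the erratum; the function names are hypothetical and the sample encodings are constructed for illustration.

```python
# Added example: is an AES key wrap AlgorithmIdentifier encoded with absent parameters?
# OID values are from RFC 3565; function names and sample bytes are constructed here.
AES_WRAP_OIDS = {"2.16.840.1.101.3.4.1.5": "id-aes128-wrap",
                 "2.16.840.1.101.3.4.1.45": "id-aes256-wrap"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one definite-length DER TLV."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER contents into dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, val = [], 0
    for b in body:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def check_key_wrap_alg(der):
    """Return (name, parameters state, conforms to the corrected text)."""
    tag, seq, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid_body, pos = read_tlv(seq, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    name = AES_WRAP_OIDS.get(decode_oid(oid_body))
    if name is None:
        raise ValueError("not an AES key wrap OID")
    rest = seq[pos:]
    state = "absent" if not rest else "NULL" if rest == b"\x05\x00" else "other"
    return name, state, state == "absent"

OID_128 = bytes.fromhex("0609608648016503040105")  # constructed sample
CORRECTED = b"\x30\x0b" + OID_128                   # {id-aes128-wrap}
ORIGINAL = b"\x30\x0d" + OID_128 + b"\x05\x00"      # {id-aes128-wrap, NULL}
```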