RFC Errata
RFC 4302, "IP Authentication Header", December 2005
Source of RFC: ipsec (sec)
Errata ID: 2188
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Constantin Hagemeier
Date Reported: 2010-04-28
Rejected by: Sean Turner
Date Rejected: 2010-07-30
Section 3.3.3.2.2. says:
If padding bytes are needed but the algorithm does not specify the padding contents, then the padding octets MUST have a value of zero.
It should say:
The padding bytes MUST be zero. The algorithm MUST NOT specify anything else.
Notes:
This is forced two times in this RFC4302, namely before in this
section 3.3.3.2.2 and in 3.4.4 .
--VERIFIER NOTES--
Section 3.4.4 deals with verification of the ICV, whereas section 3.3.3 deal with generation of an ICV. Thus discussion of padding is needed in both contexts and is not redundant. The text should remain as it is.