RFC Errata
RFC 4683, "Internet X.509 Public Key Infrastructure Subject Identification Method (SIM)", October 2006
Source of RFC: pkix (sec)
Errata ID: 2354
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2007-09-18
Held for Document Update by: Sean Turner
Date Held: 2010-07-21
Section 4.2 says:
The first paragraph of Section 4.2, on page 9 of RFC 4683 says: The user selects a password as one of the input values for computing the SIM. The strength of the password is critical to protection of | the user's SII, in the following sense. If an attacker has a | candidate SII value, and wants to determine whether the SIM value in | a specific subject certificate, P is the only protection for the SIM. [...] The marked (3rd) sentence does not parse; apparently something is missing, or the word "whether" has to be deleted, as follows: [...]. If an attacker has a | candidate SII value, and wants to determine the SIM value in a specific subject certificate, P is the only protection for the SIM. [...]
It should say:
See above.