RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4634, "US Secure Hash Algorithms (SHA and HMAC-SHA)", July 2006

Note: This RFC has been obsoleted by RFC 6234

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2422
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Alfred Hoenes
Date Reported: 2006-08-13
Held for Document Update by: Sean Turner
Date Held: 2010-08-06

Section 8.2.2 says:

The initial Description in this file, on page 33, says:

 * Description:
 *   This file implements the Secure Hash Signature Standard
 *   algorithms as defined in the National Institute of Standards
 *   and Technology Federal Information Processing Standards
 *   Publication (FIPS PUB) 180-1 published on April 17, 1995, 180-2
 *   published on August 1, 2002, and the FIPS PUB 180-2 Change
 *   Notice published on February 28, 2004.

It should say:

 * Description:
 *   This file implements the Secure Hash Algorithms SHA-224 and
 *   SHA-256, as defined in the National Institute of Standards
 *   and Technology Federal Information Processing Standards
 *   Publication (FIPS PUB) 180-2 published on August 1, 2002, and
 *   the FIPS PUB 180-2 Change Notice published on February 28, 2004.

Rationale:

FIPS-PUB 180-1 only specified SHA-1, neither SHA-224 nor SHA-256.
FIPS-PUB 180-2 has introduced SHA-256 (and SHA-384 and SHA-512 as
well), and SHA-224 has been introduced by the "Change Notice 1".
Thus, citation of FIPS PUB 180-1 is void and inappropriate in the
context of SHA-224 and SHA-256.
Avoiding the term "Signature" also conforms to the above Standards
-- cf. item (4) and (5) above.
Restricting the text to the scope of the file -- cf. item (5) above.

Report New Errata