RFC Errata
RFC 2246, "The TLS Protocol Version 1.0", January 1999
Note: This RFC has been obsoleted by RFC 4346
Note: This RFC has been updated by RFC 3546, RFC 5746, RFC 6176, RFC 7465, RFC 7507, RFC 7919
Source of RFC: tls (sec)
Errata ID: 3482
Status: Held for Document Update
Type: Editorial
Publication Format(s): TEXT
Reported By: Florian Maury
Date Reported: 2013-02-11
Held for Document Update by: Sean Turner
Section 7.4.9. says:
The hash contained in finished messages sent by the server incorporate Sender.server; those sent by the client incorporate Sender.client. The value handshake_messages includes all handshake messages starting at client hello up to, but not including, this finished message. This may be different from handshake_messages in Section 7.4.8 because it would include the certificate verify message (if sent). Also, the handshake_messages for the finished message sent by the client will be different from that for the finished message sent by the server, because the one which is sent second will include the prior one.
It should say:
The value handshake_messages includes all handshake messages starting at client hello up to, but not including, this finished message. This may be different from handshake_messages in Section 7.4.8 because it would include the certificate verify message (if sent). Also, the handshake_messages for the finished message sent by the client will be different from that for the finished message sent by the server, because the one which is sent second will include the prior one.
Notes:
The sentence about Sender.client and Sender.server is a remainder from draft 2 and previous versions. The verification computation changed between draft 2 and draft 3 (as shown by rfcdiff http://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-tls-protocol-03.txt ) but the sentence remained. It should be stripped as the Sender enumerated type is not even declared anymore.
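The Finished computation the corrected paragraph describes, as an added example that is not part of the erratum or of the RFC text: the two sides are told apart by the finished_label and by the transcript, with no Sender value involved. The PRF and verify_data formula follow RFC 2246 Sections 5 and 7.4.9; the master secret, the message bodies and the helper names are constructed for illustration.

```python
import hashlib
import hmac

def p_hash(name, secret, seed, n):
    """P_hash expansion (RFC 2246 section 5), truncated to n bytes."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < n:
        a = hmac.new(secret, a, name).digest()           # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, name).digest()
    return out[:n]

def prf(secret, label, seed, n):
    """TLS 1.0 PRF: P_MD5(S1, label+seed) XOR P_SHA-1(S2, label+seed)."""
    half = (len(secret) + 1) // 2        # the halves share one byte if length is odd
    md5_part = p_hash("md5", secret[:half], label + seed, n)
    sha_part = p_hash("sha1", secret[len(secret) - half:], label + seed, n)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))

def verify_data(master_secret, finished_label, handshake_messages):
    """12-byte Finished payload; no Sender value enters the computation."""
    seed = (hashlib.md5(handshake_messages).digest()
            + hashlib.sha1(handshake_messages).digest())
    return prf(master_secret, finished_label, seed, 12)

def handshake_msg(msg_type, body):
    """Handshake-layer framing: 1-byte type, 3-byte length, body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed inputs: a fixed master secret and placeholder message bodies.
MASTER_SECRET = bytes(range(48))
TRANSCRIPT = b"".join(handshake_msg(t, b) for t, b in [
    (1, b"constructed ClientHello"), (2, b"constructed ServerHello"),
    (11, b"constructed Certificate"), (14, b""),
    (16, b"constructed ClientKeyExchange")])

def finished_pair():
    """Full handshake order: the client's Finished is sent first."""
    client_vd = verify_data(MASTER_SECRET, b"client finished", TRANSCRIPT)
    # The server's handshake_messages also covers the client's Finished (type 20).
    server_transcript = TRANSCRIPT + handshake_msg(20, client_vd)
    server_vd = verify_data(MASTER_SECRET, b"server finished", server_transcript)
    return client_vd, server_vd

if __name__ == "__main__":
    for side, vd in zip(("client", "server"), finished_pair()):
        print(side, "verify_data:", vd.hex())
```

A verifier that hashes the wrong transcript for the second Finished (for example, leaving out the first one) computes a different verify_data and the handshake fails.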