RFC Errata
RFC 6962, "Certificate Transparency", June 2013
Note: This RFC has been obsoleted by RFC 9162
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
See Also: RFC 6962 w/ inline errata
Errata ID: 3686
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Eran Messeri
Date Reported: 2013-07-26
Verifier Name: Stephen Farrell
Date Verified: 2014-07-03
Section 4.2 says:
chain: An array of base64-encoded Precertificates. The first element is the end-entity certificate; the second chains to the first and so on to the last, which is either the root certificate or a certificate that chains to a known root certificate.
It should say:
chain: An array of base64-encoded Precertificate and certificates. The first element is the end-entity precertificate; the second chains to the first and so on to the last, which is either the root certificate or a certificate that chains to a known root certificate. Only the first element in the array may be a precertificate.
Notes:
The current description of Add PreCertChain implies the array may consist of multiple Precertificates. In practice it only makes sense for the first element to be a Precertificate, the following elements should be proper certificates.