RFC 5792, "PA-TNC: A Posture Attribute (PA) Protocol Compatible with Trusted Network Connect (TNC)", March 2010Source of RFC: nea (sec)
Errata ID: 3936
Reported By: Steve Hanna
Date Reported: 2014-03-27
Verifier Name: Stephen Farrell
Date Verified: 2014-05-08
Section 3.4 says:
As depicted in section 3.2, a PA-TNC message consists of a PA-TNC header followed by a sequence of one or more attributes.
It should say:
As depicted in section 3.2, a PA-TNC message consists of a PA-TNC header followed by a sequence of zero or more attributes.
Section 4 of RFC 5792 says “A PA-TNC message MUST contain a PA-TNC header (defined in section 3.6. followed by a sequence of zero or more PA-TNC attributes.” This contradicts the text in section 3.4, which says “one or more”. The correct text is “zero or more”. There’s no reason why a PA-TNC message containing zero attributes should be prohibited. For PA-TNC messages with some PA subtypes, an empty message containing no attributes may be enough.