RFC Errata
RFC 6896, "SCS: KoanLogic's Secure Cookie Sessions for HTTP", March 2013
Source of RFC: INDEPENDENTSee Also: RFC 6896 w/ inline errata
Errata ID: 4085
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Sven Herzberg
Date Reported: 2014-08-17
Verifier Name: Nevil Brownlee
Date Verified: 2014-12-22
Section Appendix A says:
o AES-CBC-128 key: "123456789abcdef"
It should say:
Appendix A. Examples
The examples in this section have been created using the 'scs' test
tool bundled with LibSCS, a free and opensource reference
implementation of the SCS protocol that can be found at
(http://github.com/koanlogic/libscs).
A.1. No Compression
The following parameters:
o Plaintext cookie: "a state string"
o AES-CBC-128 key: 0123456789abcdef
o HMAC-SHA1 key: 12345678901234567890
o TID: tid
o ATIME: 1347265955
o IV:
\xb4\xbd\xe5\x24\xf7\xf6\x9d\x44\x85\x30\xde\x9d\xb5\x55\xc9\x4f
produce the following tokens:
o DATA: pzSOjcNui9-HWS_Qk1Pwpg
o ATIME: MTM0NzI2NTk1NQ
o TID: dGlk
o IV: tL3lJPf2nUSFMN6dtVXJTw
o AUTHTAG: uea1fgC67RmOxfpNz8gMbnPWfDA
A.2. Use Compression
The same parameters as above, except ATIME and IV:
o Plaintext cookie: "a state string"
o AES-CBC-128 key: 0123456789abcdef
o HMAC-SHA1 key: 12345678901234567890
o TID: tid
o ATIME: 1347281709
o IV:
\x1d\xa7\x6f\xa0\xff\x11\xd7\x95\xe3\x4b\xfb\xa9\xff\x65\xf9\xc7
produce the following tokens:
o DATA: gEnL9b92EEFBLg1qNVLoO9BpVh4GH9fyOo-NkV354JU
o ATIME: MTM0NzI4MTcwOQ
o TID: dGlk
o IV: HadvoP8R15XjS_up_2X5xw
o AUTHTAG: ak1Kq1MJV-VHZ5zaci9FsI78wSw
In both cases, the resulting SCS cookie is obtained via ordered
concatenation of the produced tokens, as described in Section 3.1.
Notes:
The key length for AES-CBC-128 is 128 bit (16 byte). The specified
string has a length of 15 bytes (and thus, cannot be used as the key).
This error is both in A.1. and A.2.
The corrected text above is a complete replacement (supplied by the Author) for
Appendix A, with corrected results.