RFC Errata



RFC 6896, "SCS: KoanLogic's Secure Cookie Sessions for HTTP", March 2013

Source of RFC: INDEPENDENT
See Also: RFC 6896 w/ inline errata

Errata ID: 4085
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Sven Herzberg
Date Reported: 2014-08-17
Verifier Name: Nevil Brownlee
Date Verified: 2014-12-22

Section Appendix A says:

   o  AES-CBC-128 key: "123456789abcdef"

It should say:

Appendix A.  Examples

   The examples in this section have been created using the 'scs' test
   tool bundled with LibSCS, a free and opensource reference
   implementation of the SCS protocol that can be found at
   (http://github.com/koanlogic/libscs).

A.1.  No Compression

   The following parameters:

   o  Plaintext cookie: "a state string"

   o  AES-CBC-128 key: 0123456789abcdef

   o  HMAC-SHA1 key: 12345678901234567890

   o  TID: tid

   o  ATIME: 1347265955

   o  IV:
      \xb4\xbd\xe5\x24\xf7\xf6\x9d\x44\x85\x30\xde\x9d\xb5\x55\xc9\x4f

   produce the following tokens:

   o  DATA: pzSOjcNui9-HWS_Qk1Pwpg

   o  ATIME: MTM0NzI2NTk1NQ

   o  TID: dGlk

   o  IV: tL3lJPf2nUSFMN6dtVXJTw

   o  AUTHTAG: uea1fgC67RmOxfpNz8gMbnPWfDA

A.2.  Use Compression

   The same parameters as above, except ATIME and IV:

   o  Plaintext cookie: "a state string"

   o  AES-CBC-128 key: 0123456789abcdef

   o  HMAC-SHA1 key: 12345678901234567890

   o  TID: tid

   o  ATIME: 1347281709

   o  IV:
      \x1d\xa7\x6f\xa0\xff\x11\xd7\x95\xe3\x4b\xfb\xa9\xff\x65\xf9\xc7

   produce the following tokens:

   o  DATA: gEnL9b92EEFBLg1qNVLoO9BpVh4GH9fyOo-NkV354JU

   o  ATIME: MTM0NzI4MTcwOQ

   o  TID: dGlk

   o  IV: HadvoP8R15XjS_up_2X5xw

   o  AUTHTAG: ak1Kq1MJV-VHZ5zaci9FsI78wSw

   In both cases, the resulting SCS cookie is obtained via ordered
   concatenation of the produced tokens, as described in Section 3.1.



Notes:

The key length for AES-CBC-128 is 128 bits (16 bytes). The specified
string has a length of 15 bytes (and thus cannot be used as the key).

This error is both in A.1. and A.2.

The corrected text above is a complete replacement (supplied by the Author) for
Appendix A, with corrected results.
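
The length problem this erratum reports, and the structural consistency of the corrected A.1 vector, can be checked mechanically. The following is an added example, not code from RFC 6896 or LibSCS: it decodes each token and checks sizes and round-trips, without decrypting DATA or recomputing the HMAC. Assumptions: keys are ASCII strings, as the note above counts them; the "|" separator comes from RFC 6896 Section 3.1, not from this page; the function names are hypothetical.

```python
import base64

AES128_LEN = 16  # AES-128 key size and CBC block/IV size, in bytes
SHA1_LEN = 20    # HMAC-SHA1 output size, in bytes

def b64url_decode(token):
    """Decode an unpadded base64url token."""
    return base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))

def check_vector(enc_key, atime, tid, iv, tokens):
    """Return the list of inconsistencies in one vector (empty list = consistent)."""
    problems = []
    # The erratum's point: a 15-byte string is not a usable AES-128 key.
    # Reject it outright instead of padding or truncating.
    if len(enc_key) != AES128_LEN:
        problems.append(f"AES-128 key is {len(enc_key)} bytes, expected {AES128_LEN}")
    if len(iv) != AES128_LEN or b64url_decode(tokens["IV"]) != iv:
        problems.append("IV token does not decode to the stated 16-byte IV")
    if b64url_decode(tokens["ATIME"]) != atime.encode():
        problems.append("ATIME token does not match the stated ATIME")
    if b64url_decode(tokens["TID"]) != tid.encode():
        problems.append("TID token does not match the stated TID")
    data = b64url_decode(tokens["DATA"])
    if not data or len(data) % AES128_LEN:
        problems.append("DATA is not a whole number of CBC blocks")
    if len(b64url_decode(tokens["AUTHTAG"])) != SHA1_LEN:
        problems.append("AUTHTAG is not a 20-byte HMAC-SHA1 value")
    return problems

def scs_cookie(tokens):
    """Ordered concatenation of the tokens ("|" assumed from RFC 6896 Section 3.1)."""
    return "|".join(tokens[k] for k in ("DATA", "ATIME", "TID", "IV", "AUTHTAG"))

# Values copied from the corrected Appendix A.1 above.
A1_IV = bytes.fromhex("b4bde524f7f69d448530de9db555c94f")
A1_TOKENS = {
    "DATA": "pzSOjcNui9-HWS_Qk1Pwpg",
    "ATIME": "MTM0NzI2NTk1NQ",
    "TID": "dGlk",
    "IV": "tL3lJPf2nUSFMN6dtVXJTw",
    "AUTHTAG": "uea1fgC67RmOxfpNz8gMbnPWfDA",
}

if __name__ == "__main__":
    print(check_vector(b"0123456789abcdef", "1347265955", "tid", A1_IV, A1_TOKENS))
    print(check_vector(b"123456789abcdef", "1347265955", "tid", A1_IV, A1_TOKENS))
    print(scs_cookie(A1_TOKENS))
```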
