RFC Errata



RFC 6347, "Datagram Transport Layer Security Version 1.2", January 2012

Note: This RFC has been obsoleted by RFC 9147

Note: This RFC has been updated by RFC 7507, RFC 7905, RFC 8996, RFC 9146

Source of RFC: tls (sec)

Errata ID: 4103
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Manuel Pégourié-Gonnard
Date Reported: 2014-09-08

Section 4.2.1 says:


   [p. 15]            DTLS 1.2 server implementations SHOULD use DTLS
   version 1.0 regardless of the version of TLS that is expected to be
   negotiated.

   [p. 16]                                The server MUST use the same
   version number in the HelloVerifyRequest that it would use when
   sending a ServerHello.

   [p. 15]      DTLS 1.2 and 1.0 clients MUST use the version solely to
   indicate packet formatting (which is the same in both DTLS 1.2 and
   1.0) and not as part of version negotiation.  In particular, DTLS 1.2
   clients MUST NOT assume that because the server uses version 1.0 in
   the HelloVerifyRequest that the server is not DTLS 1.2 or that it
   will eventually negotiate DTLS 1.0 rather than DTLS 1.2.

   [p. 16]                 Upon receipt of the ServerHello, the client
   MUST verify that the server version values match.

It should say:

   [p. 15]            DTLS 1.2 server implementations MAY use DTLS
   version 1.0 regardless of the version of TLS that is expected to be
   negotiated, or the version that is expected to be negotiated.

   [p. 15]      DTLS 1.2 and 1.0 clients MUST use the version solely to
   indicate packet formatting (which is the same in both DTLS 1.2 and
   1.0) and not as part of version negotiation.  In particular, DTLS 1.2
   clients MUST NOT assume that because the server uses version 1.0 in
   the HelloVerifyRequest that the server is not DTLS 1.2 or that it
   will eventually negotiate DTLS 1.0 rather than DTLS 1.2.

   [p. 16] [Delete text relating to HelloVerifyRequest.server_version]

Notes:

The statements on the bottom of page 15 and on the top of page 16 are mutually contradictory. It looks like the statements on page 16 were copied from RFC 4347, but the intention was to replace them with the version from page 15 in this revision of the standard.
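
Added example, not part of the erratum or of RFC 6347: a minimal client-side check showing why the two readings conflict. A DTLS 1.2 server that puts version 1.0 in HelloVerifyRequest (p. 15) and then selects DTLS 1.2 in ServerHello is accepted when the HelloVerifyRequest version is treated as framing only, and rejected when the p. 16 match rule is enforced. All function names and the sample messages are constructed for illustration; messages are assumed unfragmented.

```python
DTLS_1_0 = (254, 255)  # ProtocolVersion {254, 255} on the wire
DTLS_1_2 = (254, 253)  # ProtocolVersion {254, 253} on the wire
HELLO_VERIFY_REQUEST, SERVER_HELLO = 3, 2  # handshake msg_type values

def handshake(msg_type, body, seq=0):
    """Build an unfragmented DTLS handshake message (12-byte header + body)."""
    n = len(body).to_bytes(3, "big")
    return bytes([msg_type]) + n + seq.to_bytes(2, "big") + bytes(3) + n + body

def parse_handshake(msg, expected_type):
    """Return the body of an unfragmented handshake message of the given type."""
    if len(msg) < 12 or msg[0] != expected_type:
        raise ValueError("unexpected or truncated handshake message")
    length = int.from_bytes(msg[1:4], "big")
    # fragment_offset must be 0 and fragment_length must equal length
    if msg[6:9] != bytes(3) or msg[9:12] != msg[1:4] or len(msg) != 12 + length:
        raise ValueError("fragmented or malformed handshake message")
    return msg[12:]

def parse_hello_verify_request(msg):
    """Return (server_version, cookie) from a HelloVerifyRequest."""
    body = parse_handshake(msg, HELLO_VERIFY_REQUEST)
    if len(body) < 3 or len(body) != 3 + body[2]:
        raise ValueError("malformed HelloVerifyRequest")
    return (body[0], body[1]), body[3:]

def negotiated_version(hvr_msg, server_hello_msg, require_match=False):
    """Client-side version decision after HelloVerifyRequest and ServerHello.

    require_match=True applies the p. 16 rule (versions must match); the
    default applies the p. 15 rule (HelloVerifyRequest version is framing only).
    """
    # The cookie would be echoed in the second ClientHello; unused here.
    hvr_version, _cookie = parse_hello_verify_request(hvr_msg)
    body = parse_handshake(server_hello_msg, SERVER_HELLO)
    if len(body) < 2:
        raise ValueError("truncated ServerHello")
    sh_version = (body[0], body[1])
    if sh_version not in (DTLS_1_0, DTLS_1_2):
        raise ValueError("server selected a version this client does not support")
    if require_match and hvr_version != sh_version:
        raise ValueError("HelloVerifyRequest/ServerHello version mismatch")
    return sh_version

# Constructed samples: a DTLS 1.2 server following the p. 15 SHOULD.
SAMPLE_HVR = handshake(HELLO_VERIFY_REQUEST, bytes(DTLS_1_0) + bytes([4]) + b"\xaa\xbb\xcc\xdd")
SAMPLE_SH = handshake(SERVER_HELLO, bytes(DTLS_1_2) + bytes(32) + b"\x00\xc0\x2b\x00", seq=1)
```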
