RFC Errata
RFC 6347, "Datagram Transport Layer Security Version 1.2", January 2012
Note: This RFC has been obsoleted by RFC 9147
Note: This RFC has been updated by RFC 7507, RFC 7905, RFC 8996, RFC 9146
Source of RFC: tls (sec)
Errata ID: 4103
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Manuel Pégourié-Gonnard
Date Reported: 2014-09-08
Section 4.2.1 says:
[p. 15] DTLS 1.2 server implementations SHOULD use DTLS version 1.0 regardless of the version of TLS that is expected to be negotiated. [p. 16] The server MUST use the same version number in the HelloVerifyRequest that it would use when sending a ServerHello. [p. 15] DTLS 1.2 and 1.0 clients MUST use the version solely to indicate packet formatting (which is the same in both DTLS 1.2 and 1.0) and not as part of version negotiation. In particular, DTLS 1.2 clients MUST NOT assume that because the server uses version 1.0 in the HelloVerifyRequest that the server is not DTLS 1.2 or that it will eventually negotiate DTLS 1.0 rather than DTLS 1.2. [p. 16] Upon receipt of the ServerHello, the client MUST verify that the server version values match.
It should say:
[p. 15] DTLS 1.2 server implementations MAY use DTLS version 1.0 regardless of the version of TLS that is expected to be negotiated, or the version that is expected to be negotiated. [p. 15] DTLS 1.2 and 1.0 clients MUST use the version solely to indicate packet formatting (which is the same in both DTLS 1.2 and 1.0) and not as part of version negotiation. In particular, DTLS 1.2 clients MUST NOT assume that because the server uses version 1.0 in the HelloVerifyRequest that the server is not DTLS 1.2 or that it will eventually negotiate DTLS 1.0 rather than DTLS 1.2. [p. 16] [Delete text relating to HelloVerifyRequest.server_version]
Notes:
The statements on the bottom of page 15 and on the top of page 16 are mutually contradictory. It looks like the statements on page 16 were copied from RFC 4347, but the intention was to replace them with the version from page 15 in this revision of the standard.