RFC 6347, "Datagram Transport Layer Security Version 1.2", January 2012
Note: This RFC has been obsoleted by RFC 9147
Source of RFC: tls (sec)
Errata ID: 4104
Publication Format(s): TEXT
Reported By: Manuel Pégourié-Gonnard
Date Reported: 2014-09-08
Section 4.1 says:
[Page 8] In order to ensure that any given sequence/epoch pair is unique, implementations MUST NOT allow the same epoch value to be reused within two times the TCP maximum segment lifetime. In practice, TLS implementations rarely rehandshake; therefore, we do not expect this to be a problem.
It should say:
[Delete these two sentences.]
Page 9 starts with: "Similarly, implementations MUST NOT allow the epoch to wrap" which is a stronger requirement (not allowing to wrap at all vs not allowing reuse within some period), so the weaker requirement should be eliminated to avoid confusion.