RFC Errata

Errata Search

Source of RFC  
Summary Table Full Records

RFC 2712, "Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)", October 1999

Source of RFC: tls (sec)

Errata ID: 5432
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Eugene Adell
Date Reported: 2018-07-20
Held for Document Update by: Paul Wouters
Date Held: 2024-01-12

Section Appendix says:

It should say:


   RFC 2712 introduces new cipher suites values, starting with the
   cipher value { 0x00, 0x1E }.
   This cipher value was earlier known as a Fortezza cipher suite,
   and this could lead to a conflict.


Errata 5409 was rejected and I was suggested to post another one at this place.

RFC 2712 (Addition of Kerberos Cipher Suites to Transport Layer Security) in its Draft 01 version introduces new cipher suites values, among them three are colliding with the Fortezza cipher suites. The Draft 02 version partially corrects that, by shifting all of the Kerberos cipher suites values by two.
This omission of the third Fortezza cipher suite has never been corrected, and this remains in the same state in the final RFC 2712. As a result, the cipher suite value { 0x00, 0x1E } is now officially known as a Kerberos one.

Although not documented themselves by any RFC, the two non conflicting Fortezza cipher suites are mentioned in the same note in the TLS protocol RFC (2246, 4346, 5246). This gives an explanation on how the Kerberos cipher suite values were chosen.

Report New Errata

Advanced Search