RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 3961, "Encryption and Checksum Specifications for Kerberos 5", February 2005

Note: This RFC has been updated by RFC 8429

Source of RFC: krb-wg (sec)

Errata ID: 5522
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Wrong required required checksum mechanism for des-cbc-crc
Date Reported: 2018-10-12
Rejected by: Benjamin Kaduk
Date Rejected: 2018-10-15

Section 6.2.3 says:

                               des-cbc-crc
   --------------------------------------------------------------------
   protocol key format      8 bytes, parity in low bit of each

   specific key structure   copy of original key

   required checksum        rsa-md5-des
   mechanism

It should say:

                               des-cbc-crc
   --------------------------------------------------------------------
   protocol key format      8 bytes, parity in low bit of each

   specific key structure   copy of original key

   required checksum        CRC32
   mechanism

Notes:

des-cbc-crc is using the modified crc32 checksum, its required checksum should be CRC32, constant defined in section 8
--VERIFIER NOTES--
Rejected per submitter request; the required Checksum is a distinct operation, not a subset of the encryption operation.

Report New Errata



Advanced Search