RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4752, "The Kerberos V5 ("GSSAPI") Simple Authentication and Security Layer (SASL) Mechanism", November 2006

Source of RFC: sasl (sec)

Errata ID: 5532
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Borun Song
Date Reported: 2018-10-18
Held for Document Update by: Benjamin Kaduk
Date Held: 2018-10-18

Section 3.2 says:

   with the first octet containing a bit-mask specifying the security
   layers supported by the server and the second through fourth octets
   containing in network byte order the maximum size output_token the
   server is able to receive (which MUST be 0 if the server does not
   support any security layer).

It should say:

   with the first octet containing a bit-mask specifying the security
   layers supported by the server and the second through fourth octets
   containing in network byte order the maximum size output_message the
   server is able to receive (which MUST be 0 if the server does not
   support any security layer).

Notes:

‘output_token’ should be 'output_message' here, since 'output_token' is an output of GSS_Init_sec_context while here we are talking about the maximum data length that GSS_Unwrap (GSS_Wrap of the oppsite side) can handle

Report New Errata