RFC Errata

Errata Search
RFC Number:		Errata ID:

Source of RFC		Status:
Area Acronym:		Type:
WG Acronym:		Submitter Name:
Other:		Date Submitted:
Summary Table Full Records

RFC 6960, "X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP", June 2013

Note: This RFC has been updated by RFC 8954

Source of RFC: pkix (sec)

Errata ID: 6167
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Yury Strozhevsky
Date Reported: 2020-05-11

Section 4.2.1 says:

   KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
   (excluding the tag and length fields)

It should say:

KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
                         -- (i.e., the SHA-1 hash of the value of the
                         -- BIT STRING subjectPublicKey [excluding
                         -- the tag, length, and number of unused
                         -- bits] in the responder's certificate)

Notes:

Same explanationa as for https://www.rfc-editor.org/errata/eid6166

Report New Errata

Search RFCs

RFC Editor

The Series

For Authors

Sponsor

RFC Errata

Errata Search

RFC 6960, "X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP", June 2013