RFC Errata
RFC 5912, "New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)", June 2010
Source of RFC: pkix (sec)
See Also: RFC 5912 w/ inline errata
Errata ID: 6806
Status: Verified
Type: Technical
Publication Format(s): TEXT
Reported By: Carl Wallace
Date Reported: 2022-01-03
Verifier Name: Benjamin Kaduk
Date Verified: 2022-01-04
Section 6 says:
pk-rsa PUBLIC-KEY ::= {
    IDENTIFIER rsaEncryption
    KEY RSAPublicKey
    PARAMS TYPE NULL ARE absent
    -- Private key format not in this module --
    CERT-KEY-USAGE {digitalSignature, nonRepudiation,
        keyEncipherment, dataEncipherment, keyCertSign, cRLSign}
}
It should say:
pk-rsa PUBLIC-KEY ::= {
    IDENTIFIER rsaEncryption
    KEY RSAPublicKey
    PARAMS TYPE NULL ARE required
    -- Private key format not in this module --
    CERT-KEY-USAGE {digitalSignature, nonRepudiation,
        keyEncipherment, dataEncipherment, keyCertSign, cRLSign}
}
Notes:
Section 2.3.1 of RFC 3279 states "(t)he parameters field MUST have ASN.1 type NULL for this algorithm identifier."
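The difference this erratum turns on, shown at the DER level as an added example (not part of the erratum or of RFC 5912): with parameters required, the rsaEncryption AlgorithmIdentifier carries an explicit NULL (05 00) after the OID, and with parameters absent the SEQUENCE ends at the OID. The function names, return labels and sample byte strings are constructed for this illustration.

```python
RSA_ENCRYPTION_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def rsa_params_status(alg_id_der):
    """Classify the parameters field of one DER AlgorithmIdentifier."""
    tag, body, end = read_tlv(alg_id_der, 0)
    if tag != 0x30 or end != len(alg_id_der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid, pos = read_tlv(body, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    if oid != RSA_ENCRYPTION_OID:
        return "not-rsaEncryption"
    if pos == len(body):
        return "absent"   # what the original module text described
    tag, value, pos = read_tlv(body, pos)
    if tag == 0x05 and value == b"" and pos == len(body):
        return "null"     # what RFC 3279 section 2.3.1 requires
    return "other"

# Constructed sample AlgorithmIdentifier encodings.
WITH_NULL = bytes.fromhex("300d06092a864886f70d0101010500")
WITHOUT_PARAMS = bytes.fromhex("300b06092a864886f70d010101")
EC_KEY = bytes.fromhex("301306072a8648ce3d020106082a8648ce3d030107")

if __name__ == "__main__":
    for name, der in [("WITH_NULL", WITH_NULL),
                      ("WITHOUT_PARAMS", WITHOUT_PARAMS), ("EC_KEY", EC_KEY)]:
        print(name, der.hex(), rsa_params_status(der))
```

A validator following the corrected module would accept only the "null" result for rsaEncryption keys.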