RFC Errata
RFC 8410, "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure", August 2018
Note: This RFC has been updated by RFC 9295
Source of RFC: curdle (sec)
Errata ID: 7848
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Corey Bonnell
Date Reported: 2024-03-12
Held for Document Update by: Deb Cooley
Date Held: 2024-04-11
Section 6 says:
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING } ... For the Certificate structure, the signature value is wrapped in the "signatureValue" BIT STRING field.
It should say:
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } ... For the Certificate structure, the signature value is wrapped in the "signature" BIT STRING field.
Notes:
There is no field with the name "signatureValue" in the Certificate SEQUENCE. It is instead named "signature" according to the ASN.1 module in RFC 5280 A.1 as well as the ASN.1 module in section 14 of RFC 5912.