RFC Errata
RFC 9250, "DNS over Dedicated QUIC Connections", May 2022
Source of RFC: dprive (int)See Also: RFC 9250 w/ inline errata
Errata ID: 7883
Status: Verified
Type: Technical
Publication Format(s) : TEXT, HTML
Reported By: Lyra Naeseth
Date Reported: 2024-04-05
Verifier Name: Eric Vyncke
Date Verified: 2024-04-23
Section 7.5 says:
Implementations SHOULD use the mechanisms defined in Section 5.4 to mitigate this attack.
It should say:
Implementations MUST use the padding mechanisms defined in Section 5.4 to mitigate this attack.
Notes:
Section 5.4 states that "[i]mplementations MUST protect against the traffic analysis attacks described in Section 7.5", but Section 7.5 describes that obligation as a "SHOULD". "MUST" is correct, and the inconsistent "SHOULD" in Section 7.5 is an error.
-- Verifier (Eric Vyncke) note --
The short discussion on the DPRIVE WG list has indicated that 2 authors are in favour of verifying this errata.