RFC Errata
RFC 8613, "Object Security for Constrained RESTful Environments (OSCORE)", July 2019
Source of RFC: core (wit)
Errata ID: 8230
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Marco Tiloca
Date Reported: 2025-01-03
Held for Document Update by: Francesca Palombini
Date Held: 2025-03-12
Section 8.4 says:
If either the decompression or the COSE message fails to decode, then go to 8.
It should say:
If the decompression fails, or the Recipient Context is unusable or invalid, or the COSE message fails to decode, then go to 8.
Notes:
There is currently no definition of "invalid" Security Context. Any later update on this can build on https://datatracker.ietf.org/doc/draft-ietf-core-oscore-key-limits/