RFC 9172, "Bundle Protocol Security (BPSec)", January 2022

Errata ID: 8312
Status: Reported
Type: Technical
Publication Format(s) : HTML
Reported By: Brian Sipos
Date Reported: 2025-02-24

Section 3.6 says:

/none/

It should say:

Any fields of the ASB, including the Security Source, MAY be treated 
as untrusted input for key material lookup in support of processing 
a security operation as a validator or acceptor.
Any fields of the ASB SHALL NOT be used for making other decisions 
on a node unless they are covered as additional authenticated data 
by an successfully validated or accepted integrity or confidentiality 
operation on that node.

Notes:

There was no original text restricting how the fields of the ASB can be used by a node. This errata explicitly restricts untrusted inputs in the ASB from influencing node processing, including logic or telemetry based on the Security Source. The default security contexts of RFC 9173 do not yet have the possibility to include the Security Source as additional authenticated data.

Report New Errata