RFC Errata
RFC 8391, "XMSS: eXtended Merkle Signature Scheme", May 2018
Source of RFC: IRTF
Errata ID: 8424
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Alex J Malozemoff
Date Reported: 2025-05-19
Section 4.1.3 says:
An XMSS private key SK contains 2^h WOTS+ private keys, ...
It should say:
An XMSS private key SK contains an algorithm OID, 2^h WOTS+ private keys, ...
Notes:
Section 4.1.3 makes no mention of an OID; however, the reference spec includes one with the following comment: "For an implementation that uses runtime parameters, it is crucial that the OID is part of the secret key as well; i.e. not just for interoperability, but also for internal use."
This would suggest that an OID should be included as part of the private key in Section 4.1.3.