RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4430, "Kerberized Internet Negotiation of Keys (KINK)", March 2006

Source of RFC: kink (sec)

Errata ID: 93
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Alfred Hoenes
Date Reported: 2006-07-06
Held for Document Update by: Pasi Eronen
Date Held: 2009-04-30

 

[editorial nits moved to errata ID 1770]

(7)  Section 4.2.7 (page 22/23)

(7a) Item (1b) above applies, and plaintext vs. ciphertext is unclear.

The initial text and Figure 13 unfortunately do not properly make
the distinction between unencrypted (plaintext) and encrypted
(ciphertext) values and fields.
The presentation on page 22 needs clarification, according to the
note given on page 23:

   The coverage of the encrypted data begins at InnerNextPload so that
   the first payload's type is kept confidential.  Thus, the number of
   encrypted octets is PayloadLength - 4.

On page 22, the text and Figure 13,

|  The KINK_ENCRYPT payload encapsulates other KINK payloads and is
|  encrypted using the session key and the algorithm specified by its
   etype.  This payload MUST be the final one in the outer payload chain
|  of the message.  The KINK_ENCRYPT payload MUST be encrypted before
   the final KINK checksum is applied.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|   +---------------+---------------+---------------+---------------+
|   | Next Payload  |   RESERVED    |         Payload Length        |
    +---------------+---------------+---------------+---------------+
    | InnerNextPload|                   RESERVED2                   |
    +---------------+---------------+---------------+---------------+
    |                         Payload (variable)                    |
    +---------------+---------------+---------------+---------------+

|                    Figure 13:  KINK_ENCRYPT Payload

should say:

|  The KINK_ENCRYPT payload encapsulates other KINK payloads and its
|  value is encrypted using the session key and the algorithm specified
   by its etype.  This payload MUST be the final one in the outer
|  payload chain of the message.  The plaintext KINK_ENCRYPT payload
|  value MUST be encrypted before the final KINK checksum is applied.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +---------------+---------------+---------------+---------------+
    | Next Payload  |   RESERVED    |         Payload Length        |
    +---------------+---------------+---------------+---------------+
|   |                                                               |
|   ~       encrypted KINK_ENCRYPT Payload value (variable)         ~
|   |                                                               |
    +---------------+---------------+---------------+---------------+

|                    Figure 13a:  KINK_ENCRYPT Payload

(I have chosen the more descriptive filed name,
'encrypted KINK_ENCRYPT Payload value' over the more fuzzy term,
'encryption payload' used in the text on page 23.)

After the first bullet on page 23,

     o    Next Payload, RESERVED, Payload Length -- Defined in the
          beginning of this section.  This payload is the last one in a
          message, and accordingly, the Next Payload field must be
          KINK_DONE (0).

The following text and figure should be inserted:

     o    encrypted KINK_ENCRYPT Payload value -- This is the
          encrypted form of the plaintext form of the KINK_ENCRYPT
          Payload value in the following format:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +---------------+---------------+---------------+---------------+
    | InnerNextPload|                   RESERVED2                   |
    +---------------+---------------+---------------+---------------+
    |                   KINK Payloads (variable)                    |
    +---------------+---------------+---------------+---------------+

|          Figure 13b:  unencrypted KINK_ENCRYPT Payload value

   Fields:


(7b)  typo, and (7a) continued

The final paragraph of Section 4.2.7, on page 23, says:

                     vvvvvvvvvvvvvvvvvv
|  The format of the encryption payload follows the normal Kerberos
   semantics.  Its content is the output of an encrypt function defined
   in the Encryption Algorithm Profile section of [KCRYPTO].  Parameters
   such as encrypt function itself, specific-key, and initial state are
   defined with the etype.  [...]
   itself and there may be some garbage data at the end of the decrypted
   plaintext.  A KINK implementation MUST be prepared to ignore such
   padding after the last sub-payload inside the KINK_ENCRYPT payload.
   [...]

It should say:

                     vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
|  The format of the encrypted KINK_ENCRYPT Payload value follows the
   normal Kerberos semantics.  Its content is the output of an encrypt
   function defined in the Encryption Algorithm Profile section of
|  [KCRYPTO].  Parameters such as the encrypt function itself, specific-
   key, and initial state are defined with the etype.  [...]

Notes:


Items (1)..(7) have been revised on the author's comments received.
In particular, item (7) has been revised substantially to achieve
a selfconsistent presentation in accordance with the author's intent.
I propose to incorporate the above items (1)..(7) and (9) directly
into an RFC Errata Note.
Item (8), and perhaps item (7) as well, still needs judgement from
the RFC authors.

------------------------------------------------
ERRATA RESPONSE:
From: Unknown Name (though from this email: Shouichi.Sakane@jp.yokogawa.com)
Could someone verify 1a, 4b and 9b ?

from pending

Report New Errata