RFC Errata
Found 1 record.
Status: Verified (1)
RFC 4025, "A Method for Storing IPsec Keying Material in DNS", March 2005
Source of RFC: ipseckey (sec)
Errata ID: 7402
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Tobias Brunner
Date Reported: 2023-03-23
Date Verified: 2023-08-02
Section 2.1 says:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| precedence | gateway type | algorithm | gateway |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-------------+ +
~ gateway ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
It should say:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| precedence | gateway type | algorithm | gateway |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+---------------+ +
~ gateway ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Notes:
Section 2.4 does not explicitly specify a length for the algorithm field (unlike section 2.2 does for the precedence field). But using only 7 bits for it after the preceding two fields used 8 bits is quite unexpected. So this seems like a mistake in this diagram. Note that the BIND DNS server already uses 8 bits for the algorithm field.