RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (2)

RFC 4212, "Alternative Certificate Formats for the Public-Key Infrastructure Using X.509 (PKIX) Certificate Management Protocols", October 2005

Source of RFC: INDEPENDENT

Errata ID: 8447
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2025-06-04
Verifier Name: Eliot Lear
Date Verified: 2025-06-08

Section 2.1 says: 

      OptionalAttCertValidity  ::= SEQUENCE {
         notBeforeTime  GeneralizedTime  OPTIONAL,
         notAfterTime   GeneralizedTime  OPTIONAL
      } -- at least one must be present

It should say:

      OptionalAttCertValidity  ::= SEQUENCE {
         notBeforeTime  [0] GeneralizedTime  OPTIONAL,
         notAfterTime   [1] GeneralizedTime  OPTIONAL
      } -- at least one must be present

Notes:

A SEQUENCE cannot contain two optional components with the same tag, so a tag must be provided for at least one of them. This correction provides tags for both of the optional components.

Errata ID: 8448
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2025-06-04
Verifier Name: Eliot Lear
Date Verified: 2025-06-08

Section 2.1 says: 

      AttCertTemplate ::= SEQUENCE {
         version                 AttCertVersion            OPTIONAL,
         holder                  Holder                    OPTIONAL,
         issuer                  AttCertIssuer             OPTIONAL,
         signature               AlgorithmIdentifier       OPTIONAL,
         serialNumber            CertificateSerialNumber   OPTIONAL,
         attrCertValidityPeriod  OptionalAttCertValidity   OPTIONAL,
         attributes              SEQUENCE OF Attribute     OPTIONAL,
         issuerUniqueID          UniqueIdentifier          OPTIONAL,
         extensions              Extensions                OPTIONAL
      }

It should say:

      AttCertTemplate ::= SEQUENCE {
         version                 [0] AttCertVersion            OPTIONAL,
         holder                  [1] Holder                    OPTIONAL,
         issuer                  [2] AttCertIssuer             OPTIONAL,
         signature               [3] AlgorithmIdentifier       OPTIONAL,
         serialNumber            [4] CertificateSerialNumber   OPTIONAL,
         attrCertValidityPeriod  [5] OptionalAttCertValidity   OPTIONAL,
         attributes              [6] SEQUENCE OF Attribute     OPTIONAL,
         issuerUniqueID          [7] UniqueIdentifier          OPTIONAL,
         extensions              [8] Extensions                OPTIONAL
      }

Notes:

A SEQUENCE cannot contain two optional components with the same tag, so a tag must be provided for at least one of them. This correction provides tags for both of the optional components.

Report New Errata



Advanced Search