RFC Errata
Found 1 record.
Status: Reported (1)
RFC 4998, "Evidence Record Syntax (ERS)", August 2007
Source of RFC: ltans (sec)
Errata ID: 7411
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Florian Fischer
Date Reported: 2023-03-31
Section 5.2. says:
4. Concatenate each h(i) with ha(i) and generate hash values h(i)' = H (h(i)+ ha(i)). For multi-document groups, this is: h(i_a)' = H (h(i_a)+ ha(i)) h(i_b)' = H (h(i_b)+ ha(i)), etc.
It should say:
4. Concatenate each h(i) with ha(i) in binary ascending order and generate hash values h(i)' = H (h(i)+ ha(i)). For multi-document groups, this is: h(i_a)' = H (h(i_a)+ ha(i)) h(i_b)' = H (h(i_b)+ ha(i)), etc.
Notes:
In RFC 4998 HashTree-Renewal is specified in an ambiguous manner.
Skipping sorting before concatenating is a deviation from all other steps in RFC 4998 where hashes are concatenated.
This conclusion is supported by RFC 4998 "Figure 4" that illustrates the steps above and the explanation that follows. The relevant part is this:
h2a' = H( binary sorted and concatenated (h2a, ha(2)))
...
h2c' = H( binary sorted and concatenated (h2c, ha(2)))
So the illustration and its explanation clearly states the sorting before concatenation.