RFC Errata
Found 3 records.
Status: Verified (2)
RFC 5801, "Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family", July 2010
Source of RFC: sasl (sec)
Errata ID: 2768
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Simon Josefsson
Date Reported: 2011-04-06
Verifier Name: Sean Turner
Date Verified: 2011-05-12
Section 10.1 and 11. says:
Section 10.1: const gss_OID desired_mech, Section 11.1: const gss_buffer_t sasl_mech_name,
It should say:
Section 10.1: gss_const_OID desired_mech, Section 11.1: gss_const_buffer_t sasl_mech_name, Add to section 2: The normative reference to [RFC5587] is for the C types "gss_const_buffer_t" and "gss_const_OID", nothing else from that document is required to implement this document. Add new normative reference: [RFC5587] Williams, N., "Extended Generic Security Service Mechanism Inquiry APIs", RFC 5587, July 2009.
Notes:
There is a bug in the C interfaces for these functions. RFC 5587 section 3.4.6 explains the problem and specifies new types to use instead. This errata makes RFC 5801 use the corrected types.
As far as I understand, there are no technical/implementation implications caused by this change -- it merely helps the compiler check implementations better and (in some cases) it can avoid compiler warnings on application code.
A similar issue was recently discussed in the Kitten WG list.
Errata ID: 2825
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Thomas Maslen
Date Reported: 2011-06-07
Verifier Name: Stephen Farrell
Date Verified: 2013-03-16
Section 5.1 says:
The initiator-address-type and acceptor-address-type fields of the GSS-CHANNEL-BINDINGS structure MUST be set to 0.
It should say:
The initiator-address-type and acceptor-address-type fields of the GSS-CHANNEL-BINDINGS structure MUST be set to 255 (GSS_C_AF_NULLADDR).
Notes:
See RFC 2744, section 3.11, last paragraph: "[...] or omit addressing information, specifying GSS_C_AF_NULLADDR as the address-types".
Appendix A of RFC 2744 specifies that the value of GSS_C_AF_NULLADDR is 255.
Status: Reported (1)
RFC 5801, "Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family", July 2010
Source of RFC: sasl (sec)
Errata ID: 5081
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Rick van Rein
Date Reported: 2017-08-09
Section 3.1 says:
If any padding or non-alphabet characters are encountered, the name is not a GS2 family mechanism name.
It should say:
If any padding or non-alphanumerical characters are encountered, the name is not a GS2 family mechanism name.