RFC Errata
Found 4 records.
Status: Verified (3)
RFC 5917, "Clearance Sponsor Attribute", June 2010
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4537
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Lars Wilhelmsen
Date Reported: 2015-11-18
Verifier Name: Stephen Farrell
Date Verified: 2015-11-19
Section Introduction says:
This document specifies the clearance sponsor attribute. It is included in public key certificates [RFC5280] and attribute certificates [RFC5755]. This attribute is only meaningful as a companion of the clearance attribute [RFC5755] [RFC5912]. The clearance sponsor is the entity (e.g., agency, department, or organization) that granted the clearance to the subject named in the certificate. For example, the clearance sponsor for a subject asserting the Amoco clearance values [RFC3114] could be "Engineering".
It should say:
This document specifies the clearance sponsor attribute. It is included in public key certificates [RFC5280] and attribute certificates [RFC5755]. This attribute is only meaningful as a companion of the clearance attribute [RFC5755] [RFC5913]. The clearance sponsor is the entity (e.g., agency, department, or organization) that granted the clearance to the subject named in the certificate. For example, the clearance sponsor for a subject asserting the Amoco clearance values [RFC3114] could be "Engineering". RFC 5913 should be added to the references: [RFC5913] Turner, S. and S. Chokhani, "Clearance Attribute and Authority Clearance Constraints Certificate Extension", RFC 5913, June 2010.
Notes:
The first paragraph in the section references RFC 5912. As far as I can see, it should really reference RFC 5913 (Clearance Attribute and Authority Clearance Constraints - Certificate Extension).
Errata ID: 5883
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2019-10-25
Verifier Name: Benjamin Kaduk
Date Verified: 2019-10-26
Section Appendix A says:
DirectoryString PKIX1Explicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-02(51) }
It should say:
DirectoryString FROM PKIX1Explicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51) }
Notes:
As already reported in eid4558, the "FROM" is missing. In addition, "-mod" is missing from the text portion of the object identifier.
Errata ID: 5884
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2019-10-25
Verifier Name: Benjamin Kaduk
Date Verified: 2019-10-26
Section Appendix A says:
at-clearanceSponsor ATTRIBUTE ::= { TYPE DirectoryString { ub-clearance-sponsor } ( WITH COMPONENTS { utf8String PRESENT } ) EQUALITY MATCHING RULE caseIgnoreMatch IDENTIFIED BY id-clearanceSponsor }
It should say:
at-clearanceSponsor ATTRIBUTE ::= { TYPE DirectoryString { ub-clearance-sponsor } ( WITH COMPONENTS { uTF8String PRESENT } ) EQUALITY MATCHING RULE caseIgnoreMatch IDENTIFIED BY id-clearanceSponsor }
Notes:
The DirectoryString that is imported from RFC 5912 uses a different capitalization for "uTF8String". They need to be the same for the ASN.1 module to compile properly.
Status: Rejected (1)
RFC 5917, "Clearance Sponsor Attribute", June 2010
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4558
Status: Rejected
Type: Editorial
Publication Format(s) : TEXT
Reported By: Lars Wilhelmsen
Date Reported: 2015-12-07
Rejected by: Benjamin Kaduk
Date Rejected: 2019-10-26
Section Appendix A says:
IMPORTS -- Imports from New PKIX ASN.1 [RFC5912] DirectoryString PKIX1Explicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-02(51) }
It should say:
IMPORTS -- Imports from New PKIX ASN.1 [RFC5912] DirectoryString FROM PKIX1Explicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-02(51) }
Notes:
Missing "FROM" in import statement.
--VERIFIER NOTES--
While the FROM is indeed missing, there is another error in this text that was reported in eid5883; since that report fully supersedes this one, this errata report is redundant. "Rejected" is the least bad state in which to leave such a report.