Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 5958, "Asymmetric Key Packages", August 2010

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2653
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Sean Turner
Date Reported: 2010-12-01
Verifier Name: Stephen Farrell
Date Verified: 2011-11-12

Section 2 and App A says:

  ct-asymmetric-key-package CONTENT-TYPE ::=
    { AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage }

It should say:

  ct-asymmetric-key-package CONTENT-TYPE ::=
    { TYPE AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage }

Notes:

With the approval of errata 2612 (http://www.rfc-editor.org/errata_search.php?eid=2612), the asymmetric key package content type definition also needs to be updated to add "TYPE" to the CONTENT-TYPE definition.

Status: Reported (1)

RFC 5958, "Asymmetric Key Packages", August 2010

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 5962
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Kevin Braun
Date Reported: 2020-01-22

Section Appendix A says:

   PrivateKeyAlgorithms ALGORITHM ::= {
     ... -- Extensible
   }

   KeyEncryptionAlgorithms ALGORITHM ::= {
     ... -- Extensible
   }

It should say:

   PrivateKeyAlgorithms PUBLIC-KEY ::= {
     ... -- Extensible
   }

   KeyEncryptionAlgorithms CONTENT-ENCRYPTION ::= {
     ... -- Extensible
   }

Notes:

The above given information object sets are used in defining types PrivateKeyAlgorithmIdentifier and EncryptionAlgorithmIdentifier:

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
{ PUBLIC-KEY,
{ PrivateKeyAlgorithms } }

EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
{ CONTENT-ENCRYPTION,
{ KeyEncryptionAlgorithms } }

The parameterized type AlgorithmIdentifier has two parameters, one an information object class and the other an information object set. The information object set must be contain objects of the given class, or else the table constraint in AlgorithmIdentifier will not be valid. This requirement is not met as PrivateKeyAlgorithms and KeyEncryptionAlgorithms are currently defined, and therefore the definition is not valid according to ITU-T X.682.

An alternative correction would be to change the type definitions to specify "ALGORITHM" in the invocation of the parameterized type AlgorithmIdentifier.

Report New Errata