RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 3 records.

Status: Held for Document Update (3)

RFC 6931, "Additional XML Security Uniform Resource Identifiers (URIs)", April 2013

Note: This RFC has been obsoleted by RFC 9231

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 3965
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Axel Puhlmann
Date Reported: 2014-04-15
Held for Document Update by: Roman Danyliw
Date Held: 2022-01-19

Section 4.2 and 4.1 says:

   2006/12/xmlc12n11#                  [CANON11]  Canonicalization
   2006/12/xmlc14n11#WithComments      [CANON11]  Canonicalization

It should say:

   2006/12/xmlc12n11#   {Bad}          [CANON11]
   2006/12/xmlc14n11#                  [CANON11]

Notes:

As explained in Appendix B of draft-eastlake-rfc6931bis-xmlsec-uris:

[RFC6931] included two bad URIs as shown below. "{Bad}" in the
indexes (Sections 4.1 and 4.2) indicates such a bad value.
Implementations SHOULD only generate the correct URI but SHOULD
understand both the correct and erroneous URI.

2006/12/xmlc12n11#
Appears in the indices (Section 4.1 and 4.2] of [RFC6931] when it
should be "2006/12/xmlc14n11#" (i.e., the "12" inside "xmlc12n11"
should have been "14"). This is [Err3965] and is corrected in
this document.

==[ Original Text
--[ corrected text
2006/12/xmlc14n11# [CANON11] Canonicalization
2006/12/xmlc14n11#WithComments [CANON11] Canonicalization

-- [notes
[CANON11] referencing to <http://www.w3.org/TR/2008/REC-xml-c14n11-20080502/>
only talks about c14n and not c12n.

If this is not a flaw but done purposely, there should be a not about it.

I could not find the original definitions for xmlc12n11 and xmlc14n11.
They are not in the referenced document.
(And google only shows copies of this rfc.)

For stability reasons it may be better to not change/correct this, as it may be already in use.
So a note about this discrepance may be appropriate. Or a reference to the document defining those uris.

Errata ID: 4004
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Frederick Hirsch
Date Reported: 2014-05-29
Held for Document Update by: Roman Danyliw
Date Held: 2022-01-18

Section 2.3.11 says:

2.3.11.  RSA-SHA224

Identifier:
     http://www.w3.org/2007/05/xmldsig-more#rsa-sha224

  This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described
  in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator
  prefix.  An example of use is

  <SignatureMethod
     Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-sha224" />

  Because it takes about the same effort to calculate a SHA-224 message
  digest as it does a SHA-256 message digest, it is suggested that
  RSA-SHA256 be used in preference to RSA-SHA224 where possible.

It should say:

2.3.11.  RSA-SHA224

Identifier:
     http://www.w3.org/2001/04/xmldsig-more#rsa-sha224

  This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described
  in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator
  prefix.  An example of use is

  <SignatureMethod
     Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" />

  Because it takes about the same effort to calculate a SHA-224 message
  digest as it does a SHA-256 message digest, it is suggested that
  RSA-SHA256 be used in preference to RSA-SHA224 where possible.

Notes:

RFC 6931 should be corrected to use the same identifier for RSA-SHA224 as is used in the W3C Recommendation "XML Signature Syntax and Processing Version 1.1? normative section 6.4.2 ( http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/#sec-PKCS1 ).

This same identifier is also specified in the W3C Note "XML Security Algorithm Cross-Reference? section 3.2 ( http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130411/#RSA )

At least two shipping code implementations use this value from the W3C Recommendation ; to enable interoperability, avoid confusion and be consistent with the published Recommendation RFC 6931 should be updated to be consistent.

Please note that the revision affects both the identifier URL and the Algorithm attribute value in the 2.3.11 section which is why the entire section is given in the Original and Corrected text above.

Errata ID: 3597
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Annie Yousar
Date Reported: 2013-04-18
Held for Document Update by: Sean Turner

Section References says:

[XMLDSIG11]   Eastlake, D., Reagle, J., Solo, D., Hirsch, F.,
              Nystrom, M., Roessler, T., and K. Yiu, "XML Signature
              Syntax and Processing Version 1.1", W3C Proposed
              Recommendation, 24 January 2013,
              <http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/>.


It should say:

[XMLDSIG11]   Eastlake, D., Reagle, J., Solo, D., Hirsch, F.,
              Nystrom, M., Roessler, T., and K. Yiu, "XML Signature
              Syntax and Processing Version 1.1", W3C Recommendation,
              11 April 2013, <http://www.w3.org/TR/xmldsig-core1/>.

Notes:

A normative reference should point to the final and not to the pre version even if there are differences.

Report New Errata



Advanced Search