RFC Errata
Found 2 records.
Status: Reported (2)
RFC 7520, "Examples of Protecting Content Using JSON Object Signing and Encryption (JOSE)", May 2015
Source of RFC: jose (sec)
Errata ID: 7680
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Filip Skokan
Date Reported: 2023-10-17
Section 5.9 says:
This example illustrates encrypting content that is first compressed. It reuses the AES symmetric key, key encryption algorithm, and content encryption algorithm from Section 5.8. Note that whitespace is added for readability as described in Section 1.1.
It should say:
This example illustrates encrypting content that is first compressed. It reuses the AES symmetric key, key encryption algorithm, and content encryption algorithm from Section 5.8. Note that DEFLATE [RFC1951] is not a deterministic algorithm; its implementations must properly round-trip but are not required to produce the same compressed data; it might not be possible to exactly replicate the results in this section. Note that whitespace is added for readability as described in Section 1.1.
Notes:
This added text is aligned with other non-deterministic algorithms in sections 4.2, 4.3, 5.1, 5.2, 5.13, and 6. It gives the reader a heads up that the results might not be replicable, e.g. when using a modern zlib deflate implementation which uses ANZAC++ hash in favour of hardware accelerated hashing function (i.e. CRC32) to insert symbols in the dictionary during compression.
Errata ID: 4802
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Florent Morselli
Date Reported: 2016-09-13
Section 5.7.5 says:
The figure 150 is: { "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IktrWVQwR1hfMm pIbGZxTl8iLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYj RkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3Ii wiZW5jIjoiQTEyOENCQy1IUzI1NiJ9", "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNo k", "iv": "gz6NjyEFNm_vm8Gj6FwoFQ", "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec 4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3 xWU", "tag": "NvBveHr_vonkvflfnUrmBQ" } But the protected header in the figure 145 is: eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYj IwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3 IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1Ni J9 And the figure 147 indicates the tag is "DKW7jrb4WaRSNfbXVPlT5g".
It should say:
The figure 150 should be: The figure 150 is: { "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS 1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM 1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5j IjoiQTEyOENCQy1IUzI1NiJ9", "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNo k", "iv": "gz6NjyEFNm_vm8Gj6FwoFQ", "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec 4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3 xWU", "tag": "DKW7jrb4WaRSNfbXVPlT5g" }
Notes:
Wrong JSON Flattened Representation