Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

Found 3 records.

Status: Verified (1)

RFC 7642, "System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements", September 2015

Source of RFC: scim (sec)

Errata ID: 7696
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Masaya Watanabe
Date Reported: 2023-11-10
Verifier Name: RFC Editor
Date Verified: 2023-11-10

Section 3.4 says:

The user selects some attributes and authorizes the transfer of data via authorization protocols (e.g., OAuth, SAML), so selected attributes of the user are transferred from the user's account in directory service A to the website of replying party B at the time of the user's first visit to that site.

It should say:

The user selects some attributes and authorizes the transfer of data via authorization protocols (e.g., OAuth, SAML), so selected attributes of the user are transferred from the user's account in directory service A to the website of relying party B at the time of the user's first visit to that site.

Notes:

"relying party", not "replying party"

Status: Held for Document Update (2)

RFC 7642, "System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements", September 2015

Source of RFC: scim (sec)

Errata ID: 8326
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Emmanuel Lecharny
Date Reported: 2025-03-13
Held for Document Update by: Deb Cooley
Date Held: 2025-12-28

Section 2.3.1 says:

CSP-1 then pushes the new CSU joiner push
   request downstream to CSU-2 and gets confirmation that the account
   was successfully created.

It should say:

CSP-1 then pushes the new CSU joiner push
   request downstream to CSP-2 and gets confirmation that the account
   was successfully created.

Notes:

CSU-2 makes no sense to me, and it's not even defined in the previous line, AFAIU.

Errata ID: 8470
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Matthias Winter
Date Reported: 2025-06-20
Held for Document Update by: Deb Cooley
Date Held: 2025-12-28

Section 8.7.1 says:

      {
        "name" : "x509Certificates",
        "type" : "complex",
        "multiValued" : true,
        "description" : "A list of certificates issued to the User.",
        "required" : false,
        "caseExact" : false,
        "subAttributes" : [
          {
            "name" : "value",
            "type" : "binary",
            "multiValued" : false,
            "description" : "The value of an X.509 certificate.",
            "required" : false,
            "caseExact" : false,
            "mutability" : "readWrite",
            "returned" : "default",
            "uniqueness" : "none"
          },

It should say:

      {
        "name" : "x509Certificates",
        "type" : "complex",
        "multiValued" : true,
        "description" : "A list of certificates issued to the User.",
        "required" : false,
        "caseExact" : false,
        "subAttributes" : [
          {
            "name" : "value",
            "type" : "binary",
            "multiValued" : false,
            "description" : "The value of an X.509 certificate.",
            "required" : false,
            "caseExact" : true,
            "mutability" : "readWrite",
            "returned" : "default"
          },

Notes:

Section 2.3.6 indicates that "binary [...] has no uniqueness." The "x509Certificates" binary "value" subattribute currently lists a "uniqueness" property which should be removed. (See also Errata ID: 6000 - Binary attributes are case-exact)

Report New Errata